February 5, 2021 Marisa Silva

Cloud Cyber Security Specialist

This is tiko Energy Solutions – a company part of the ENGIE Group

The tiko platform brings customers the power of a Virtual Power Plant and an award-winning Smart Home Energy Management system designed to connect Residential and SME assets. With its active VPP deployments, tiko is one of the biggest real-time Smart Grids in the world.

Our customizable, future-proof technology has the life-expectancy of a Physical Power Plant and enables the delivery of the full spectrum of energy services, including the most sophisticated.

Self-driven and open to feedback, our dynamic and multicultural start-up culture will provide you with the perfect opportunity to do excellent work, while you contribute to increasing the presence of our innovative energy management solutions worldwide.

Why it’s great to work at tiko:


17 nationalities on 2 campuses at the center of lively cities: Zürich and Milan, and a common language: English. A company where we all know each other and where your opinion matters – really!

We value our work-life balance

Offices in the center of the city, noise cancelling headphones, travelling time considered as working time in trains, flexible hours and home office whenever you need: we offer a flexible workplace.

Exciting workplace

A kitchen to enjoy our meals together in the office in Zürich, and an attractive shared space in Milan, cake at least once a month, numerous team events, barbecues in the summer and fondues in winter on our rooftop in Zürich… We love spending time together.


Milano, Italy

Level of employment:


Your responsibility:

Part of the QA & Cyber Security team you will help to strengthen the security of our Cloud infrastructure. You will be responsible for ensuring tiko’s frontend, cloud application, API, container, orchestration and backend security with a Red/Purple team mindset. You understand modern cloud architectures, latest tools and DevSecOps best practices, and can work fluently with DevOps teams and CI/CD pipelines. You suggest and communicate improvements into our security posture based on your findings.

Your profile:

  • You have a BSc in Computer Science, IT or equivalent proven work experience. Minimum work experience requirement in similar position is 5 years.
  • You have good communication skills with different levels of stakeholders. You are also able to clearly and understandably present and document your work for different audiences.
  • You understand different security compliance frameworks and how to apply them in a pragmatic way to gain the best value for organization.
  • You are aware of the latest attacker TTPs and Threat Intel globally and have also the ability to think like an attacker. You like to innovate and suggest new and more efficient ways to automate and integrate security testing into DevOps processes.
  • You are familiar with e.g. OWASP guidelines and open-source pentesting tools.
  • You know how to integrate Cyber Security into the Infrastructure as Code-tools, Ansible, Kubernetes, Docker configurations, and automate security testing and auditing of those. You also know how to gain visibility (network, servers, applications) in the cloud environments, using tools like ELK-stack, VPC Flows and vulnerability monitoring tools.
  • You consult our developers in Secure Software Development (SDLC) best practices, based on your previous experience in software development.
  • You are open-minded and thrive for continuous improvement and smarter ways of achieving the goals set.
  • You are also able to learn new techniques, tools and skills on the fly and under pressure, while still keeping calm and focused on the task at hand.
  • You have a geeky mindset and hands-on tinkering attitude, and a passion for everything with ones and zeros.
  • You preferably hold at least two or more relevant internationally recognized certifications from e.g.: GIAC, OSCP/E, ISC2, CEH, AWS, CCSK, ISACA, Linux Foundation
  • Fluent English (written and spoken) mandatory, French, German or Italian an advantage.
  • Valid working permit in EU.

Seniority Level:

Mid-Senior Level


Information Technology & Energy Services

Job Functions:

Cyber Security

Cloud Cyber Security Specialist

  • PERSON RESPONSIBLE: tiko Energy Solutions
    MAIN PURPOSE: Job application.
    LEGITIMISATION: Consent from interested party.
    RECIPIENTS: Data shall not be ceded to third parties, unless by express authorisation or due to a legal obligation. We use the Stampready application to store the information and create email marketing campaigns.
    RIGHTS: Access, amend and delete the data, data portability, limitation or opposition to its processing, transparency and right to not be subject to automated decisions.
    ADDITIONAL INFORMATION: You may consult additional and detailed information about our Privacy Policy and Legal Notice.
  • This field is for validation purposes and should be left unchanged.