Lead Cybersecurity Systems Engineering Analyst

Build an exciting, rewarding career with us - help us make a difference for millions of people every day. Consider joining the Duke Energy team, where you'll find a friendly work environment, opportunities for growth and development, recognition for your work, and competitive pay and benefits.

We are one of the largest electric power holding companies in the United States, providing electricity to 7.7 million retail customers in six states. We have approximately 51,000 megawatts of electric generating capacity in the Carolinas, the Midwest and Florida - and natural gas distribution services serving more than 1.6 million customers in Ohio, Kentucky, Tennessee and the Carolinas.

We are transforming our customers' experience, modernizing our energy grid, generating cleaner energy and expanding our natural gas infrastructure to create a smarter energy future for our customers.

The Lead Cybersecurity Internet Security Analyst will be a key contributor accountable for Endpoint Protection of corporate endpoints, including Antivirus, Endpoint Detection and Response (EDR), and Perimeter Security which includes SSL/TLS inspection capabilities and web proxy. The position will interface with cross-functional teams from Cybersecurity, IT, and critical business operations to ensure the confidentially, integrity, availability, and regulatory compliance of Duke Energy's computing environments. The Lead Analyst will work closely with peers, other internal/external teams, and management to support a 24x7 Cybersecurity Operations Center (CSOC) environment. The Lead Analyst is expected to build positive and collaborative relationships with stakeholders across the company. They will identify ways to improve working relationships across organizational boundaries through collaborative planning and communicates clearly, candidly, and openly. The Lead Analyst is also responsible for following processes and procedures as defined by Cybersecurity leadership and the Cyber Incident Response Team (CIRT).

Responsibilities:

• Lead daily and weekly team meetings

• Assist and/or lead the implementation of projects across our internal teams for advancing our security posture or capabilities. Also assist other areas with project deliverables across cybersecurity and other business units

• Implementation, support, and maintenance of the Internet Inspection platforms in a large enterprise environment - products such as F5 BigIP, Secure Web Gateway Proxy platform, FireEye, Cofense etc. Provide high level of support to Security Operations and Support teams for all products that make up the Internet Security tool set.

• Administration, operation, and maintenance of threat environment / protections, including installation, configuration, tuning, and maintenance of threat components, Skyhigh Secure Web Gateway, F5 BigIP, Cofense, and FireEye.

• Able to measure and identify areas for improvement

• Employ secure configuration management processes.

• Ability to provide operational support for incident tickets, broke-fix, consultations, and implementation of change controls.

• Train and lead other analysts on the policies and procedures of Cyber Security and Internet Security. Review their research, analysis and conclusions for completeness.

• Ability to participate in on-call rotation to provide 24/7 client support

• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

• Assist with the creation of detailed deployments plans, architectural drawings, and operation manuals.

• High School/GED

• Minimum 12 years related work experience

• Knowledge of identity and data protection in cloud and on-premises technologies. (e.g., Endpoint Detection and Response, Threat Detection, Threat Mitigation).

• Ability to provide operational support for incident tickets, broke-fix, consultations, and implementation of change controls.

• Ability to participate in on-call rotation to provide 24/7 client support.

• High level understanding of Cybersecurity practices/programs. Skill in Cloud based traffic inspection principles, and Inspection Zone capabilities.

• Skill in assessing security controls based on cybersecurity principles (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).

• Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists

• Education Requirement: Bachelor's Degree in Cybersecurity, Computer Science, MIS or other degrees with high level understanding of network and application security and information systems

• Possession of multiple industry standard certifications such as SANS GIAC/GCIA/GCIH/GCFA, CISSP, CISA, CISM, etc. or other network / system security certifications.

• Innovative - ability to recognize and seek improvement and efficiency opportunities

• Hybrid Mobility Classification - Work will be performed from both remote and onsite locations after the onboarding period. However, hybrid employees should live within a reasonable daily commute to a Duke Energy facility.

• Office Environment

• HS/GED: 12 yrs work experience {Required}

• Associates: 10 yrs work experience {Preferred}

• Bachelors: 8 yrs work experience {Preferred}

#LI-ZM1

#LI-Hybrid

Travel Requirements

Posting Expiration Date

All job postings expire at 12:01 AM on the posting expiration date.

Privacy

Do Not Sell My Personal Information (CA)

Terms of Use

Accessibility