Senior Cybersecurity System Engineer

Build an exciting, rewarding career with us - help us make a difference for millions of people every day. Consider joining the Duke Energy team, where you'll find a friendly work environment, opportunities for growth and development, recognition for your work, and competitive pay and benefits.

The Sr. Cybersecurity System Engineer role provides technical oversight and support of the Palo Alto Networks, Cisco ASA, and Fortinet platforms. Additionally, the role will support NERC CIP, TSA, PCI, and SOX compliance initiatives including evidence generation, document reviews, requirement implementation, and audits. The role will support various Cybersecurity projects and business process enhancement requests. Ideal candidates would have experience administering platforms used by Duke Energy and adhering to regulatory requirements in a large enterprise environment. A strong understanding of enterprise networks, hands-on experience architecting and implementing firewall security policy, and any relevant industry certifications are preferred. Position will work closely with various internal and external business areas to help align platform capabilities with compliance requirements and business processes.

• Maintain network protection devices across multiple OT sites, generation facilities, and data centers connected to several thousand servers, routers, and other OSI Layer 3 devices .

• Work with transmission engineers to implement and/or troubleshoot OT related communications (e.g. ModBus/DNP3).

• Monitor system health, respond to customer inquiries, and oversee system management.

• Develops automated work flows to help drive efficiency in the environment.

• Periodically performs firewall rule optimization and reviews.

• Manage the system including software updates, SSL certificates, and hardware life-cycle refreshes when needed.

• Works closely with governance groups to meet activities that support various regulatory

• requirements.

• Assists with managing vendor relationships and manages statement of work engagements with vendor.

• Assists with establishing solution roadmap.

• Recommends feature adoption as appropriate for enhancement of security or efficiency in managing security assets.

• Leads/participates in Cybersecurity projects and initiatives.

• Drives security requirements through the organization.

• Proactively identifies/recommends solutions/resolves potential security gaps.

• Participation in 24x7 system environment including on-call periods and some nights and weekends as needed.

• Provides increased availability during Storm Mode, wide impacting major incidents (MIs), and security incident response events.

• Adheres to proper Change Management and Human Performance requirements and processes.

• Represents Cybersecurity professionally in interaction with internal business partners and other IT Support groups.

• Responsible for understanding the global threat environment and general security best practices.

• Drive continuous improvement of processes and procedures to improve analysis, detection, and mitigation of incidents in support of the overall Cyber Defense mission.

• Provide audit support to internal and external groups as required.

• Collaborate as appropriate with leadership and other key stakeholders.

• Maintain current skills and develop new skills as required by changes in business processes and technology.

• High School/GED

• Nine (9) years minimum related work experience

• CCNA or higher certification

• CISCO Certified - CCNA and/or Palo Alto Networks Certified Network Security Engineer (PCNSE) and/or CISSP

• Network engineering/design/project experience

• Extensive experience in firewall security policy architecture and implementation.

• Experience in firewall administration

• Scripting experience for system automation, maintenance and operations (i.e., Bash and/or Python)

• Experience with enterprise security standards/requirements and compliance frameworks such as NERC, TSA, SOX, and PCI

• Experience supporting large enterprise networks

• Experience managing statement of work engagements with vendors

• Other relevant industry certifications

• Ability to perform self-directed work

• Ability to independently prioritize daily work

• Ability to carry out daily work responsibilities with minimal supervision

• Strong team player

• Ability to manage multiple tasks and assignments

• Demonstrated leadership

• Ability to speak and write about complex technical topics to a less technical audience

• Demonstrated leadership identifying improvement opportunities and solutions

• Demonstrated leadership in identifying process deficiencies and solutions

• Demonstrated commitment to personal and team success

• Hybrid Mobility Classification - Work will be performed from both remote and onsite locations after the onboarding period. However, hybrid employees should live within a reasonable daily commute to a Duke Energy facility.

• Office Environment

• HS/GED: 9 yrs work experience {required}

• Associates: 7 yrs work experience {preferred}

• Bachelors: 5 yrs work experience {preferred}

Travel Requirements

Posting Expiration Date

All job postings expire at 12:01 AM on the posting expiration date.

Privacy

Do Not Sell My Personal Information (CA)

Terms of Use

Accessibility