<h2>More than a career – a chance to make a difference in people’s lives.</h2>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Build an exciting, rewarding career with us – help us make a difference for millions of people every day. Consider joining the Duke Energy team, where you’ll find a friendly work environment, opportunities for growth and development, recognition for your work, and competitive pay and benefits.</p>
<h2>Job Summary:</h2>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">The Lead Cybersecurity Systems Engineering Analyst (Network Defense) protects the enterprise against cyber threat through collaboration, technical expertise, and leadership. The lead designs, implements, and maintains network defense solutions across Enterprise Networks (Cloud, Web and Data Center).</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Position focuses on improving cybersecurity capabilities and driving implementation of cybersecurity strategy. Enhancing the cybersecurity posture of the enterprise. The ideal candidate would have a solid understanding of:</p>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Cloud Networking and Security (AWS, Azure, OCI, GCP)</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Web communications and Security (Web Application Firewall, Content Deliver Network)</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Secure Access Service Edge (SASE); Remote access connectivity</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Corporate Datacenter networking and security.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Intermediate Cyber Architecture knowledge.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Hands-on technical experience with Network Defense Systems (i.e., Firewalls, WAF/CDN, networking infrastructure).</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Terraform, and</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Project Management.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Employees at this level solve complex problems, manage work plans, and provide leadership to others in areas of specialization, with no supervision and increased latitude for decision making. Incumbents function in lead roles providing guidance to others.</p>
<h2>Responsibilities & Duties:</h2>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Leads projects and provides project management concepts to ensure project delivery and management.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Able to manage multiple projects and initiatives simultaneously.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Installs, configures, tests, operates, maintains, and manages network defense systems including hardware and software that secure networks, applications, and data.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Maintains compliance with cybersecurity and regulatory requirements through technical control implementation.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">The Lead is expected to produce technical guidance and training through process and procedure development.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Make recommendations to optimizing Network Defense Firewall Management processes, procedures, and policy.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Operationalizes new security solutions for Network Defense Firewall Management</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Stay informed on evolving technology. This role requires ongoing skill development, and the ability to learn new technology and software platforms.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proactively identifies/makes recommendations on potential security issues and solutions.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Leads investigation/troubleshooting efforts during service disruption events. Diagnose and resolve customer reported system incidents, problems, and events.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Interacts with Cybersecurity Architecture to understand, apply, and enforce security requirements.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Participate in the planning and implementation of projects.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Assist in management and oversight of Network Defense Projects and Engineering.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Drive continuous improvement of processes and procedures to improve analysis, detection, and mitigation of incidents in support of the overall Cyber Defense mission.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">The Lead is expected to be a main point of contact for technical expertise and escalation. This would consist of CIRT support, troubleshooting, and on-call support.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Serve as point-person and subject matter expert for issues and projects.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Maintains up-to-date documentation of the security infrastructure and security strategies.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Understands enterprise security standards/requirements.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Provides increased availability during Storm Mode conditions and CIRT events.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Adheres to proper Change Management and Human Performance requirements and processes.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">The Network Defense Projects and Engineering Lead will be expected to represent Network Defense Projects and Engineering Management professionally and build collaborative relationships across Enterprise Technology & Security.</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">The Lead is expected to provide project and team measures, with updates to management as needed. This includes development and update on project measures; meeting with leadership to discuss team status/objectives; and provide leadership coverage when requested.</span></li>
</ul>
<h2>Basic/Required Qualifications:</h2>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">High School/GED</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">12 years minimum Required Related Work Experience</span></li>
</ul>
<h2>Desired Qualifications:</h2>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Master’s degree in Cybersecurity, Computer Science, IT, or other closely related discipline</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Hands on experience working with Web Application Firewall and Content Delivery Network</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Hands on experience working with Palo Alto Networks next-generation firewalls</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Hands on experience with Cloud security solutions (AWS/Azure/OCI/GCP Cloud Native Security)</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Hands on experience with Secure Edge solutions for SASE implementation, or similar remote access methodology</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Hands on experience with Terraform</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Knowledge of application-aware firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing)</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Knowledge of networking and Internet communications fundamentals (i.e. devices, device configuration, hardware, software, applications, ports/protocols, addressing, network architecture and infrastructure, routing, operating systems, etc.)</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems)</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Skill in performing packet-level analysis</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience troubleshooting across firewall infrastructure with various third-party tools</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Direct background or exposure to cyber security operations</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Skill in managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience in developing network architectures</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience in Web security and compliance experience (e.g., Firewalls, IDS/IPS systems, DDOS prevention and PCI, HIPAA, FIPS, etc.)</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong Linux or Windows system administrator skills</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Expertise in API integrations</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Coding and scripting experience</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">NERC CIP Compliance experience</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Knowledge of Duke Energy Cybersecurity standards and requirements</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Experience in Data Center environment</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Ability to perform self-directed work and to independently prioritize daily work</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Ability to carry out daily work responsibilities with minimal supervision</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Strong team player and ability to manage multiple tasks and assignments</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Demonstrated leadership in technical roles</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Proven ability to speak and write about complex technical topics to a less technical audience</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Demonstrated leadership identifying improvement opportunities and solutions</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Palo Alto Networks Certified Network Security Engineer (PCNSE)</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Certified Information Systems Security Professional (CISSP)</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">SANS/GIAC Certifications (GCIA/GCIH/GCFA)</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Cisco CCNA</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Cisco CCNP Enterprise/Security</span></li>
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Relevant Cloud Security Certifications</span></li>
</ul>
<h2>Working Conditions:</h2>
<ul class=" text-base sm:text-lg marker:text-color list-inside list-disc text-gray-500 list-disc list-outside pl-3 mb-6">
<li class=" leading-snug mb-2 pl-2"><span class="text-gray-200">Virtual Mobility Classification – Work will be performed from a remote location after the onboarding period. However, virtual employees should live within a reasonable commute to a Duke Energy facility.</span></li>
</ul>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">**<strong class=" font-semibold">Travel Requirements</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">5-15%</p>
<h3 class=" text-white font-semibold text-lg mb-2">Relocation Assistance Provided (as applicable)</h3>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">No</p>
<h3 class=" text-white font-semibold text-lg mb-2">Represented/Union Position</h3>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">No</p>
<h3 class=" text-white font-semibold text-lg mb-2">Visa Sponsored Position</h3>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">No</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">**<strong class=" font-semibold">Posting Expiration Date</strong></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">Friday, October 4, 2024</p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3">All job postings expire at 12:01 AM on the posting expiration date.</p>
<h3 class=" text-white font-semibold text-lg mb-2">Please note that in order to be considered for this position, you must possess all of the basic/required qualifications.</h3>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><a href="https://www.duke-energy.com/legal/privacy" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">Privacy</a></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><a href="https://www.duke-energy.com/legal/ccpa-opt-out-request-form" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">Do Not Sell My Personal Information (CA)</a></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><a href="https://www.duke-energy.com/legal/terms-of-use" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">Terms of Use</a></p>
<p class=" text-gray-200 text-base sm:text-lg leading-relaxed mb-3"><a href="https://www.duke-energy.com/customer-service/accessibility" target="_blank" class="break-all font-medium underline hover:opacity-75" rel="noopener noreferrer nofollow">Accessibility</a></p>
