Duke Energy IT Cybersecurity - Cybersecurity Operations Center Analyst (CSOC) in Charlotte, North Carolina
Title: IT Cybersecurity - Cybersecurity Operations Center Analyst (CSOC)
Location: North Carolina-Charlotte-DE Busn Svcs-Charlotte,NC(NW) (1037)
Job Number: 139047
The Cybersecurity Operations Center Analyst is responsible for detecting, assessing and responding to cyber security events and incidents across the Duke Energy environment. The Analyst will work closely with peers, other internal/external teams and management in a 24x7 Cybersecurity Operations Center (CSOC) environment. The Analyst also is responsible for following processes and procedures as defined by Cybersecurity leadership and the Computer Incident Response Team (CIRT).
The ideal candidate will be expected to solve problems with general supervision, solve complex problems, and provide leadership to others on areas of specialization. They are also expected to develop skills and knowledge in the realm of cyber security tools including logging / event management, antivirus, proxies and networking. The support component involves handling tickets and change requests and working with end users if problems arise. The candidate is expected to work closely with team members as well as key vendors and other IT teams (Workstation Design & Support, Data Network, Server Support, etc.). The candidate is expected to participate in a 24x7 off-hours support rotation in an on-call capacity.
Qualifications:
Basic/Required Qualifications:
• Bachelor’s degree in Cybersecurity, Computer Science, MIS or other degrees with high level understanding of network and application security and information systems
• Three (3) or more years of direct work related experience in addition to a degree
• Experience working in a SOC or CSOC team
• Direct background or exposure to cyber security operations
• Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
• General networking understanding and/or experience, including an understanding of TCP/IP communications and knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
• Windows and UNIX/Linux command line scripting experience and programming experience
• Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs)
• Experience with forensics and malware analysis concepts and methods
• Experience with analyzing intelligence
• Knowledgeable of Duke Energy’s IT Security policies
• Possession of multiple industry standard certifications such as SANS GIAC/GCIA/GCIH/GCFA, CISSP, CISA, CISM, etc. or other network / system security certifications
• Innovative – ability to recognize and seek improvement and efficiency opportunities
• Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain

Job: IT Development and Administration