Duke Energy IT Cybersecurity - Senior Cybersecurity Operations Center Analyst (CSOC) in Charlotte, North Carolina
Title: IT Cybersecurity - Senior Cybersecurity Operations Center Analyst (CSOC)
Location: North Carolina-Charlotte-DE Busn Svcs-Charlotte,NC(NW) (1037)
Job Number: 139046
The Senior Cyber Security Operations Center Analyst will be responsible for contributing to the day-to-day operations within Cyber Security Operations. The job will include working with proxies, endpoint security, server and infrastructure protection, log and event monitoring, and other cyber-related tools. This role is responsible for detecting, assessing and responding to cyber security events and incidents across the Duke Energy environment. The Analyst will work closely with peers, other internal/external teams and management in a 24x7 Cybersecurity Operations Center (CSOC) environment. The Analyst is also responsible for following processes and procedures as defined by Cybersecurity leadership and the Computer Incident Response Team (CIRT).
The ideal candidate will be expected to execute daily tasks with minimal supervision, solve complex problems, and provide leadership to others on areas of specialization. They are also expected to have advanced skills and knowledge in the realm of cyber security tools including logging / event management, antivirus, proxies and networking. The support component involves handling tickets and change requests, and working with end users if problems arise. The candidate is expected to work closely with team members in addition to key vendors and other IT teams (Workstation Design & Support, Data Network, Server Support, etc.). The candidate is expected to participate in a 24x7 off-hours support rotation in an on-call capacity.
Qualifications: Basic/Required Qualifications:
• Bachelor’s degree in Cybersecurity, Computer Science, MIS or other degrees with high level understanding of network and application security and information systems
• Five (5) or more years of directly work-related experience in addition to a degree
• Direct background or exposure to cyber security operations
• Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
• General networking understanding and/or experience, to include understanding of TCP/IP communications and knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
• Windows and UNIX/Linux command line scripting experience and programming experience
• Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs)
• Experience with forensics and malware analysis concepts and methods
• Possession of multiple industry standard certifications such as SANS GIAC/GCIA/GCIH/GCFA, CISSP, CISA, CISM, etc. or other network / system security certifications
• Innovative – ability to recognize and seek improvement and efficiency opportunities
• Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain
Job: IT Development and Administration