Duquesne Light Company Info Security Analyst II in Pittsburgh, Pennsylvania
Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy, providing a secure supply of reliable power to more than half a million customers in southwestern Pennsylvania.
Duquesne Light Company is committed to creating a culture of inclusion. We value and respect the unique differences and experiences of our employees. We believe that our differences lead to better collaboration, innovation and outcomes. We want you to join our team!
Job Family: Information Technology
Discipline: Information Security / Operations
Career Level: Associate II
Department: Information Security / Operations
We are seeking a Senior Information Security Analyst to be an individual contributor on the Cyber Security Operations and Engineering (SecOps) team, supporting corporate requirements. The Senior Information Security Analyst works under minimal supervision and is expected to understand the organization’s information security strategy and substantially contribute to the development, maintenance and implementation of the overall system-wide information security program needed for the protection of Duquesne Light. This includes managing significant bodies of work within the scope of the overall Cybersecurity program.
As part of the Cybersecurity Incident Response Team (CIRT) the Senior Information Security Analyst possesses business acumen and can proficiently assess security risk while considering system operational needs and adherence to corporate requirements, anticipating, and articulating potential operational impacts of policy and controls changes. They will utilize various tools and methods to provide support to end users, technology teams, and projects on a regular and ad hoc basis. Responsible for working collaboratively and effectively with associates across the enterprise to conduct cybersecurity activities such as, but not limited to analyzing information security risk and threat data, monitoring and investigating anomalies, developing and promulgating security controls and risk mitigation recommendations, establishing standards, determining information security-related business needs and requirements for potential projects/initiatives and contributing to the system-wide information security training and awareness program.
Develop and document technical controls for cloud, on-premises, and hybrid environments mapped to company policy and industry standards
Develop and document use case and runbooks to be used by the SecOps team
Investigate, respond, and remediate cyber events in the cloud and on premises environments
Provide system administration and support of SecOps systems and applications
Work collaboratively as part of a team, with moderate supervision to provide relevant input and feedback to develop and maintain documentation for all assigned responsibilities
Provide relevant input and feedback on the investigation and proposal of technologies and methodologies that can enhance Duquesne Light’s security and/or business continuity posture
Manage expectations and effectively communicates and collaborates with colleagues and project team members
Does not supervise others.
Roles at this level typically require a university / college degree
Proficient at technical writing and documenting procedures and processes
Hands on experience with a SIEM such as Splunk ES, QRadar, LogRhythm, or others
Hands on experience with EDR or XDR tools such as Crowdstrike, Cisco AMP, SentinelOne, or others
Hands on experience with Email Security tools such as Proofpoint, Barracuda, Mimecast, or others
Hands on experience with Microsoft Security tools
High-level of understanding and proficiency at securing public cloud environments
Position to be filled at the Analyst I, II or III level based upon relevant work experience.
Information Security certifications including Security+, CISSP, SANS GIAC
Relevant work experience between 3 and 5 years
Primary focus is on daily deliverables, outputs, and reporting. Typically, accountable for managing one’s own time and workflow. Responsibilities are generally tactical in nature and work is typically of moderate complexity requiring the incumbent to draw on previous knowledge to perform role. Continues to build knowledge base and develop capabilities by partnering with more experienced staff as needed.
Problems and issues faced are vague but may be recognizable based on experience. Accountable for some direct level of reasoning and decision making.
Strong interpersonal, communication and organizational skills with the ability to exhibit sound judgment and express verbal and written information effectively.
Good written communication and presentation skills
Demonstrated ability to interact with people and translate complex concepts into easy-to-follow ideas and present to all levels of the organization.
Comfortable to work with minimal instructions and be self-motivated to achieve results.
Time management skills
Duquesne Light Company is committed to providing equal employment opportunity to all people in all aspects of the employment relationship, without discrimination because of race, age, sex, color, religion, national origin, disability, sexual orientation and gender identity or status as a Vietnam era or special disabled veteran or any other unlawful basis, as defined by applicable law, and fostering a workplace free of unlawful discrimination and retaliation. This policy affects decisions including, but not limited to, hiring, compensation, benefits, terms and conditions of employment, opportunities for promotion, transfer, layoffs, return from a layoff, training and development, and other privileges of employment. An integral part of Duquesne Light's commitment is to comply with all applicable federal, state and local laws concerning equal employment and affirmative action.