Duquesne Light Company Supv Cybersecurity Incident Resp in Pittsburgh, Pennsylvania

Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been at the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy, providing a secure supply of reliable power to more than half a million customers in southwestern Pennsylvania.

Duquesne Light Company is committed to creating a culture of inclusion. We value and respect the unique differences and experiences of our employees. We believe that our differences lead to better collaboration, innovation and outcomes. We want you to join our team!

Job Title: Team Lead, Cybersecurity Incident Response (CIRT)

Team: Information Security

Status: EXEMPT

Overall Purpose:

The Cybersecurity Incident Response Team (CIRT) is responsible for ensuring effective detection and response to all security incidents at Duquesne Light. CIRT operates as part of the Office of the CISO under the Cyber Security Operations and Engineering (“SecOps”) team. The SecOps team is responsible for ensuring that Duquesne Light corporate systems and networks are designed and operate in a secure manner that minimizes the risk to a level acceptable to management.

Responsibilities:

  • Lead and serve as a mentor for internal Threat Hunting, Incident Response, and Forensics, actively improving our capabilities

  • Partner with Cyber Security Operations and Engineering groups to improve operations, detection, response, and recovery

  • Drive end-to-end Cybersecurity incident response activities and serve as an escalation point for high priority or complex incidents

  • Drive continuous refinement and improvement of incident response processes, playbooks and Standard Operating Processes (SOPs)

  • Grow and mature Threat Intelligence Program and applicability of detected threats to drive actionable intelligence

  • Identify gaps in visibility and detection methodologies. Regularly evaluate current log quality and content development strategies, and identify new data sources to enrich logs and new threat detection logic

  • Provide incident metrics to other Cybersecurity and business leadership

  • Build and maintain relationships with IT and business stakeholders

  • Build and maintain relationships with local law enforcement and cyber defense authorities

  • Build and maintain relationships with key vendors

  • Participate in internal and/or external audits as required

  • Assist in developing and enhancing Cybersecurity strategy and roadmap

  • Collaborate with Cybersecurity and IT Risk Management peers to improve automated correlation, vulnerability scanning, code review/applications testing, and other detection security tools

  • Manage security tools and associated professional service contracts and deliver capabilities

  • Partner with Infrastructure and Security leadership teams to develop use cases for security automation and response, logging, monitoring and threat defense

  • Contribute to the execution of Cyber Security operations, incident response, and investigations spanning across all functions of the Cybersecurity organization

Requirements/Qualifications:

  • 12 to 15 years of experience in IT and associated fields with a minimum of 5 to 8 years in the Information Security area

  • 3+ years of experience in leading Cybersecurity Operations, threat hunting, incident response, digital and/or network forensics, and threat and vulnerability management functions

  • Demonstrated ability to lead technical teams and strategic projects

  • Strong communication and problem solving skills

  • Development of incident response, operations processes and playbooks

  • Understanding common security tools, instrumentation, and detection methodologies – EDR, SIEM, IDS/IPS, proxies, etc.

  • Understanding core networking concepts (TCP/IP, etc.) and common protocols (HTTP, SMB, etc.)

  • Understanding of tools and techniques used by hackers to breach networks, server systems, cloud workloads, or applications

  • Demonstrated understanding of security-related technologies and practices including: authentication and authorization systems, endpoint protection, encryption, segmentation strategies, vulnerability management, network and Host Incident Detection and Prevention, Data Loss Prevention, Data Security, risk-based and strong authentication, cloud access security, secure remote access, firewalls, Application Security, etc.

  • Diverse technical background and exposure to enterprise networking, firewall, storage options, server infrastructure, operating systems, application development, database technologies, desktop operating systems and Cybersecurity

  • Deliver on SLA/OLA commitments under tight deadlines and/or budgetary and other resource constraints

  • Experience working in transmission and distribution operations services industry or other highly regulated and/or compliance-oriented environments

  • Exposure to security standards NIST Cyber Security Framework, NIST SP800-61 R2 and ISO/IEC 27035

Requirements/Education:

  • Prefer a Bachelor’s or Higher Degree in Computer Science, Cybersecurity, Engineering or associated field. Relevant experience and/or certifications will be considered in lieu of a degree

  • Prefer one or more relevant Cybersecurity certifications such as CISSP, CISM, GCFE, GCIH, 3CCE, EnCE, or a digital forensics / incident response certification

Duquesne Light Company is committed to providing equal employment opportunity to all people in all aspects of the employment relationship, without discrimination because of race, age, sex, color, religion, national origin, disability, sexual orientation and gender identity or status as a Vietnam era or special disabled veteran or any other unlawful basis, as defined by applicable law, and fostering a workplace free of unlawful discrimination and retaliation. This policy affects decisions including, but not limited to, hiring, compensation, benefits, terms and conditions of employment, opportunities for promotion, transfer, layoffs, return from a layoff, training and development, and other privileges of employment. An integral part of Duquesne Light's commitment is to comply with all applicable federal, state and local laws concerning equal employment and affirmative action.
