Apply on Employer Site

Duke Energy Corporation · 1 day ago

Sr Cybersec Sys Engineering Analyst (Firewall)

Charlotte, NC

Full-time

Hybrid

Senior Level, Lead/Staff

9+ years exp

Duke Energy Corporation is a leading energy company focused on providing reliable energy solutions. The position involves day-to-day next-generation firewall administration, support, and operations, along with project-oriented initiatives and compliance activities.

Clean EnergyEnergyHardwareHydroelectricOil and GasService Industry

No H1B

Responsibilities

Performs day to day firewall policy administration

Maintains security framework across the enterprise

Participates in cybersecurity projects and initiatives within Cybersecurity, IT, and other business units

Contributes frequently to team knowledge base

Maintains up-to-date documentation of security infrastructure, changes, and security strategies

Documents work performed

Interacts with business partners and other IT Teams as necessary to understand, apply, and enforce security requirements

Proactively identifies/makes recommendations on potential security issues and solutions

Responsible for understanding the global threat environment and general security best practices

Drive continuous improvement of processes and procedures to improve analysis, detection, and mitigation of incidents in support of the overall Cyber Defense mission

Create and drive action plans to address recurring or ongoing information security incidents

Develop and maintain reporting metrics used to measure team performance, ensure analyst adherence to processes/procedures for operational consistency, identify process improvements, coaching, training and professional development of the staff

Participate in the planning and implementation of information security technology projects. Serve as point-person and subject matter expert for issues and projects related Cyber Security Counter Threat Operations

Collaboration as appropriate with leadership and other key stakeholders

Participates in on-call rotation duties

Provides increased availability during inclement weather, cyber, and significant incidents

Adheres to proper Change Management requirements and processes

Responds to incidents in a timely manner

Configures, installs, and maintains security hardware

Deploys code upgrades

Leads investigation/troubleshooting efforts during service disruption events

Qualification

Palo Alto Networks firewallsCisco ASA firewallsCybersecurity project experienceNetwork engineering/designPalo Alto Networks Certified Network Security EngineerCisco CCNACisco CCNP Enterprise/SecurityWindowsUNIX/LinuxPythonVPN configurationNetwork monitoringAnalysisManage multiple tasksCommitment to team successTeam player

Required

HS/GED: 9 yrs work experience

Preferred

Associates: 7 yrs work experience

Bachelors: 5 yrs work experience

Master's degree in Cybersecurity, Computer Science, IT, or other closely related discipline

Hands on experience working with Palo Alto Networks next-generation firewalls

Hands on experience working with Cisco ASA firewalls

Palo Alto Networks Certified Network Security Engineer (PCNSE)

Cisco CCNA

Cisco DevNet Associate

Cisco CCNP Enterprise/Security

Cisco DevNet Professional

Other relevant industry certifications

Ability to develop firewall policy while balancing customer requirements and security controls

Ability to analyze firewall security and traffic logs

Experience tuning intrusion and malware detection capabilities on Palo Alto platform

Knowledge of application-aware firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing)

Knowledge of networking and Internet communications fundamentals (i.e. devices, device configuration, hardware, software, applications, ports/protocols, addressing, network architecture and infrastructure, routing, operating systems, etc.)

Experience with various edge security devices and architecture

Cyber security project experience

Network engineering/design/project experience

General networking understanding and/or experience to include Understanding of TCP/IP communications & knowledge of how common protocols and applications work at the network level including DNS, DHCP, HTTP, and SMB

Working understanding of security principles & desire to improve security posture of enterprise

Experience with network monitoring, analysis, and troubleshooting

Working knowledge of VPN configuration and troubleshooting

Experience analyzing network traffic

Working knowledge of NAT principles and troubleshooting

Experience and understanding of logging technology including log aggregation and configuration on firewall supporting infrastructure

Security event management experience and/or Cybersecurity operations

Windows, UNIX/Linux, Python, or related command line and scripting experience for automation and efficiency efforts

Demonstrated skill in protecting a network against various threats. (e.g., anti-malware, restrict/prevent external devices)

Experience with forensics, IOCs, and malware analysis concepts and methods

Familiarity or experience with the Cyber Kill Chain® methodology

Experience with the maintenance, configuration and operation of next-gen firewalls and other Cybersecurity tools in virtual and cloud environments