Cybersecurity Analyst

Duke Energy
Wilmington, NC Full Time
POSTED ON 2/14/2025
AVAILABLE BEFORE 5/13/2025

More than a career - a chance to make a difference in people's lives.

Build an exciting, rewarding career with us - help us make a difference for millions of people every day. Consider joining the Duke Energy team, where you'll find a friendly work environment, opportunities for growth and development, recognition for your work, and competitive pay and benefits.

Job Summary

The Cybersecurity Operations Center Analyst is responsible for the support, maintenance and development of tools utilized to generate cyber security events and incidents across the Duke Energy environment. The Analyst will work closely with peers, other internal / external teams and management in a 24x7 Cybersecurity Operations Center (CSOC) environment. The Analyst is also responsible for following processes and procedures as defined by Cybersecurity leadership and the Computer Incident Response Team (CIRT). They will typically perform in a role similar to systems administrator with a focus on detection and correlation of cyber events related to managed systems.

Responsibilities

  • Conduct network, endpoint, cloud network, and log analysis by utilizing various consoles on a regular basis to analyze and triage cybersecurity events (e.g., SIEM, IPS, firewall, etc.) and perform continuous hunt across the environment. Reconstruct cyber events, assess cyber threat and scope of impact, identify and track any internal lateral or external movement, and develop response solutions. Research and track new exploits and cyber threats, particularly as they relate to the cloud environment and containers.
  • Interact with the security community and government agencies to obtain technical cyber threat intelligence. Track cyber threat actors / campaigns based on technical analysis and open source / third party intelligence.
  • Research and track new exploits and cyber threats.
  • Assist with containment of threats and remediation of the environment during or after an incident.
  • Conduct cursory and / or in-depth analysis (i.e. packet captures, endpoint behaviors, etc.), or collaborate with peers when appropriate for hand-offs / escalations.
  • Conduct analysis of malicious code and weaponized documents through behavioral analysis or reverse engineering.
  • Request and track mitigations to address cyber threats and lead other incident response coordination and remediation activities. Communicate and report on key intelligence, analysis and response activities, relevant metrics, and KPIs.
  • Enhance and tune detections and alerts and other cyber event correlation rules to reduce false positives. Provide creative and innovative solutions to automate and enhance processes and capabilities
  • Provide 24x7 operational support for escalations on a rotating shift basis

Basic / Required Qualifications

  • Bachelor's degree in Managing Information Strategies (MIS), Computer Science, or Cybersecurity
  • Minimum 2 Years of Required Related Experience
  • In lieu of Bachelor's degree AND 2 years related work experience listed above, High School / GED AND 6 year(s) related work experience

Desired Qualifications

  • Experience in Cybersecurity, preferably with SIEM technology, event logging and detection mechanisms. Knowledge of foundational computer elements from the operating system, memory and BIOS to TCP / IP, routing and network topology.
  • 2 years experience in a security operations center and / or system administration role
  • Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings and provide briefings to various levels of staff / management.
  • Demonstrated effective oral and written communication skills
  • Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • Team player, works well with others
  • Direct background or exposure to cyber security operations
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • Windows and UNIX / Linux command line scripting experience and programming experience.
  • Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
  • Familiarity or experience with the Cyber Kill Chain® methodology & MITRE's ATT&CK Framework®
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language / Structured Query Language [PL / SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Innovative - ability to recognize and seek improvement and efficiency opportunities
  • Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.

Working Conditions

  • Hybrid Mobility Classification - Work will be performed from both remote and onsite locations after the onboarding period. However, hybrid employees should live within a reasonable daily commute to a Duke Energy facility.
  • Office Environment

    Travel Requirements

    Not required

    Relocation Assistance Provided (as applicable)

    Represented / Union Position

    Visa Sponsored Position

    Posting Expiration Date

    Tuesday, February 11, 2025

    All job postings expire at 12:01 AM on the posting expiration date.

    Please note that in order to be considered for this position, you must possess all of the basic / required qualifications.
