Associate Operations Cybersecurity Analyst OR Operations Cybersecurity Analyst

About the position This position will support the Nuclear Cyber Security program. The Nuclear Cyber Security organization provides direct service and support to all Nuclear generating stations (2 states, 6 sites) and general office (NGO) to ensure compliance with the Nuclear Regulatory Commission (NRC) regulated Duke Energy Nuclear Cyber Security Plan and requirements. This includes response to cyber security threats and events, implementing the cyber security program, and on-going management of the cyber security program. The cyber security program encompasses all infrastructure asset including but not limited to firewalls, data diodes, SIEM, industrial control systems (ICS), and other digital assets scoped into the program. This position is responsible for analysis and implementation of complex cyber security solutions which address real and potential threats specific to Nuclear generation assets and equipment. This analyst will coordinate across one or more nuclear operating stations including NGO to ensure overall Nuclear safety and power plant operation are maintained. This will involve solving complex cyber security problems, participate in projects impacting cyber security, perform cyber security assessments, hardening of critical digital assets (CDA), and others. This position will also contribute to the ongoing development and revision of the Nuclear Cyber Security Program to maintain a strong cyber security posture and improve efficiency. This will include revision of program policy and procedures, participate in industry working groups, build positive relationship with internal and external organizations. This position requires understanding of the integrated generating plant systems as well as processes to secure plant cyber assets. The analyst shall demonstrate an understanding of the impact of cybersecurity processes on generating systems and the overall electric grid.

Responsibilities

• Lead small cyber security projects and efforts.
• Assist in development and revision of the ongoing strategy of the Nuclear Cyber Security Program and make change where possible to improve efficiency and compliance.
• Access and respond to cyber security events and incidents.
• Participate or lead internal and external (industry) working groups or committees.
• Basic knowledge of IT and Cybersecurity policy, standards, processes, resources, and controls
• Provide technical and administrative support to other groups to assist with the cyber security program requirements.
• Participate in the Team’s duty rotation.
• Build positive relationship with different organizations and personnel.
• Willingness to accept new responsibilities and be eager to learn new concepts and technologies.

Requirements

• Associate Operations Cybersecurity Analyst
• Associates Degree or Associate’s Degree in Computer Science or Engineering
• In lieu of Associate degree, high school diploma/GED and 2 years direct related experience
• Operations Cybersecurity Analyst
• Bachelor’s degree in Engineering, Cybersecurity, or Computer Science and 2 years direct related experience.
• In lieu of Bachelor’s degree, high school diploma/GED and 6 years direct related experience

Nice-to-haves

• Experience with the nuclear cyber security program including NEI standards (NEI 08-09, NEI 13-10, and NEI 04-04)
• Experience with NIST cyber security controls.
• Demonstrated knowledge of technical and programmatic cyber security controls and protection strategies
• Demonstrated knowledge of computer networks, servers, and cyber security related appliances (firewalls, and SIEM).
• Experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols.
• Working knowledge of Industrial Control Systems (ICS) Cyber Security and Operational Technology (OT)
• Working Knowledge of various programing languages (PowerShell, VBA, etc.)
• Working Knowledge of Splunk Enterprise SIEM
• Demonstrated ability to work effectively with personnel at all levels of the organization (client, staff, management, etc.)
• Demonstrated project management and leadership skills.
• Excellent analytical ability, consultative, and communications skills
• Able to achieve nuclear site Unescorted Access.