Senior Cybersecurity Architect

Build an exciting, rewarding career with us - help us make a difference for millions of people every day. Consider joining the Duke Energy team, where you'll find a friendly work environment, opportunities for growth and development, recognition for your work, and competitive pay and benefits.

As a member of the Cybersecurity Architecture and Assessment Team, the Sr. Security Architect will provide security solution architecture services across Duke. Helps set and maintain policies, procedures, and standards for network build outs and updates. Plan for security requirements and provide analysts and IT or OT staff guidance to secure design and architecture, solution placement and configurations and effectively managing risks / threats. Ensures that the stakeholder security requirements necessary to protect the organization's mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.

Collaborate with Cybersecurity leadership and architects to make sure security technologies, processes, and people align with Duke's strategic plan and budget

• Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to Duke Energy (e.g., PUBLIC, CONFIDENTIAL, and RESTRICTED).

• Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.

• Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.

• Analyze candidate architectures, allocate security services, and select security mechanisms.

• Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.

• Develop enterprise architecture or system components required to meet user needs.

• Document and update as necessary all definition and architecture activities.

• Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.

• Translate proposed capabilities into technical requirements.

• Assess and design security management functions as related to cyberspace.

• Collaborate with application assessment team to ensure applications developed in-house comply with industry practices such as following coding standards, static / dynamic code review, and pre-production testing.

Maintain Duke's overall security strategy, mechanisms for policy enforcement, definition of ownership, monitoring mechanisms, and process controls

Define Duke's security standards, security baselines, performance metrics, plan, and initiate periodic performance reviews for the cybersecurity architecture and assessment team and vendors

Design network security solutions, select standard products and develop common techniques to meet Duke's business requirements

Continually monitor and support network security solutions including architecture and technologies and improve the architecture in order to meet performance and risk management objectives

Provide guidance to Duke's Architecture Review Committee (ARC) and Cybersecurity Architecture Review board (CAR) for system design updates, provisioning and de-provisioning, maintenance, scanning, etc. regarding cybersecurity

• Bachelors degree in Cybersecurity, Managing Information Strategies (MIS), or Computer Science

• Minimum 5 years related work experience

• In lieu of Bachelors degree(s) AND 5 year(s) related work experience listed above, High School/GED AND 9 year(s) related work experience

Experience in Cybersecurity field preferably with knowledge of platform, application, storage, network, and virtualization

Expert knowledge in security solution architecture design and implementation

Expert in 3+ of the 10 security domains.

• Access Control Systems and Methodology

• Telecommunications and Network Security

• Business Continuity Planning and Disaster Recovery Planning

• Security Management Practices

• Security Architecture and Models

• Law, Investigation, and Ethics

• Application and Systems Development Security

• Cryptography

• Computer Operations Security

• Physical Security

Expert in assessing network and system designs for IT or OT systems

Experience in OWASP web application security testing framework

Working knowledge of Cybersecurity frameworks such as NIST

Knowledge and experience in Security Policy writing and governance responsibilities Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)

Skill in designing multi-level security/cross domain solutions

Ability to design architectures and frameworks

Ability to think like threat actors

Identify and prioritize critical business functions in collaboration with organizational stakeholders

Knowledge of cybersecurity and privacy principles

Skill in discerning the protection needs (i.e., security controls) of information systems and networks

Skill to identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations

Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes

• Hybrid Mobility Classification - Work will be performed from both remote and onsite locations after the onboarding period. However, hybrid employees should live within a reasonable daily commute to a Duke Energy facility.

• Office Environment

Travel Requirements

Posting Expiration Date

All job postings expire at 12:01 AM on the posting expiration date.

Privacy

Do Not Sell My Personal Information (CA)

Terms of Use

Accessibility