Sunday , March 3 2024

Senior Cybersecurity Governance & Risk Analyst – Duke Energy Internship

Website Duke Energy

Job Description:

This position will solve more complex problems, in multiple areas of specialization within IT/OT and NERC CIP compliance, with general supervision. Incumbents are expected to develop advanced skills and the ability to work with greater independence. They effectively apply fundamental concepts and procedures to work that is fairly complex and varied. This position will work collaboratively internally and with Business partners to solve complex problems for the company.

Job Responsibilities:

  • Review Duke’s security standards, security baselines, performance metrics, plan, and conduct performance assessments of regulated asset security
  • Collaborate with CPM leadership to make sure security technologies, processes, and people align with Duke’s strategic plan and budget
  • Receives work assignments and works with review and direction by management or team leads
  • Demonstrates working knowledge of IT/OT, and Cybersecurity policy, standards, processes, controls and functional areas
  • Basic knowledge of IT/OT and Cybersecurity policy, standards, processes, resources and controls
  • Monitor and evaluate the effectiveness of the enterprise’s cybersecurity safeguards to ensure they provide the intended level of protection
  • Carries out individual work assignments of a less complex nature to meet established work schedules
  • Assess or assist in the assessment in the effectiveness of all regulatory Mitigation Plans and corresponding Milestones
  • Provides timely customer support to deliver compliance results to internal and external parties
  • Able to apply process and controls knowledge to meet compliance requirements and convey corresponding Key Performance Indicators

Qualification & Experience:

  • Knowledge in validating the organization against policies/guidelines/procedures/regulations/laws to ensure compliance
  • In lieu of Bachelors degree(s) AND five (5) years minimum related work experience listed above, High School/GED AND nine (9) years minimum utility, cyber security, auditing, compliance, regulatory, NERC-CIP or related work experience
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
  • Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality regulatory security assessment products
  • Skill in developing security compliance processes and/or assisting in external audits
  • Experience in Cybersecurity, preferably with risk identification and management, audit and compliance, policy development and maintenance, evaluation of control requirements, security and related industry regulatory issues
  • Bachelors degree in Cybersecurity or related discipline
  • In addition to required degree, five (5) years minimum utility, cyber security, auditing, compliance, regulatory, NERC-CIP or related experience. related work experience
  • Knowledge in reviewing service performance reports identifying any significant issues and variances, initiating, where necessary, corrective actions and ensuring that all outstanding issues are followed up
  • Expert knowledge of Cybersecurity frameworks such as NIST and/or NERC CIP

Job Details:

Company: Duke Energy

Vacancy Type:  Full Time

Job Location: Charlotte, NC, US

Application Deadline: N/A

Apply Here