Senior Cybersecurity Firewall Analyst – NERC CIP Operational Compliance

Job Expired

More than a career – a chance to make a difference in people’s lives.

Build an exciting, rewarding career with us – help us make a difference for millions of people every day. Consider joining the Duke Energy team, where you’ll find a friendly work environment, opportunities for growth and development, recognition for your work, and competitive pay and benefits.

Job Summary

This NERC CIP operational compliance position undertakes comprehensive ownership of activities, processes, procedures, documentation, compliance tools, and evidence procurement as required by the Duke Energy IT503 Cybersecurity Program and NERC CIP Reliability Standards to ensure Firewall Management team and assets satisfy compliance requirements. The position leverages NERC CIP, Cybersecurity and firewall related technical skill sets to effectively manage NERC CIP compliance in the Firewall Management area.


  • Performs operational activities required to fulfill IT503 & NERC CIP standards.
  • Performs ongoing comprehensive maintenance of existing documentation, processes, procedures and activities.
  • Closely monitors configuration changes related to in-scope NERC CIP assets.
  • Identifies areas of concern and works with leadership team to address.
  • Serves as subject matter expert (SME) for relevant IT503 & NERC CIP standards.
  • Key role in all audit preparation activities
  • Ensures time sensitive compliance activities and dates are met.
  • Trains teams on key aspects and implications of compliance requirements.
  • Represents Cyber Security organization professionally with other IT groups, compliance organizations, leadership team, and internal business partners.
  • Executes activities that support and fulfill compliance program requirements.
  • Forecasts and documents compliance activity time requirements.
  • Provides input on future requirements and develops compliance roadmap.
  • Provide compliance recommendations and documentation when working on projects with NERC CIP impact.
  • Performs ongoing comprehensive reviews of existing compliance tools.

Required/Basic Qualifications

  • Bachelor’s degree in Information Systems, Computer Systems Technology, or other related discipline
  • In addition to required degree, five (5) years minimum of related work experience
  • In lieu of Bachelor’s degree AND five (5) years minimum of related work experience listed above, High School/GED AND nine (9) years minimum related work experience

Desired Qualifications

  • Technical aptitude related to IP based devices and systems.
  • Current relevant industry certification (e.g. CompTIA Security+, CEH, GSEC, CCNA)
  • Proven ability to speak and write about compliance requirements.
  • Demonstrated commitment to personal and team success.
  • Ability to perform self-directed work.
  • Ability to carry out work responsibilities with minimal supervision.
  • Ability to manage multiple tasks and assignments.
  • Excellent interpersonal skills with the ability and willingness to share information knowledge transfer to others.
  • Increased availability as required especially during audit prep activities and audits.
  • Firewall management experience.
  • Experience with Microsoft SharePoint
  • 2-3 years experience with NERC CIP compliance requirements
  • General knowledge of Duke Energy’s core business, including SCADA and Energy Management System (EMS)
  • Understanding of Security Information and Event Monitoring (SIEM) systems
  • Experience with Cisco ASA Firewalls, Palo Alto Firewalls, and Linux based systems
  • Strong understanding of Duke Energy’s IT503 NERC CIP compliance program.
  • Strong understanding of compliance tools and processes.
  • Compliance audit experience.
  • Experience with Remedy/Footprints or lT Service Management tools and processes
  • Experience with Tripwire Enterprise and IP360.
  • History of noteworthy contributions in previous roles.

Working Conditions

  • Hybrid – Work will be performed from both remote and onsite locations after the onboarding period. However, hybrid employees should live within a reasonable commute to the designated Duke Energy facility.

Travel Requirements


Relocation Assistance Provided (as applicable)


Represented/Union Position


Visa Sponsored Position


Posting Expiration Date

Monday, April 11, 2022

All job postings expire at 12:01 AM on the posting expiration date.

Please note that in order to be considered for this position, you must possess all of the basic/required qualifications.


Do Not Sell My Personal Information (CA)

Terms of Use


Job ID : R20664

More Information

  • This job has expired!

Leave your thoughts

Share this job

12th Anniversary Top InfoSec Innovator & Black Unicorn Awards for 2024 are now Open! Finalists Notified Before BlackHat USA 2024...