Lead Cybersecurity IAM Analyst

More than a career – a chance to make a difference in people’s lives.

Build an exciting, rewarding career with us – help us make a difference for millions of people every day. Consider joining the Duke Energy team, where you’ll find a friendly work environment, opportunities for growth and development, recognition for your work, and competitive pay and benefits.

Position Summary

This is the fourth level of the Directory Services and Data Protection Analyst classification hierarchy. Employees at this level manage work with minimal supervision. Incumbents are expected to develop advanced skills and to have the ability to work independently, with guidance limited to unusual or complex projects or issues. They are fully competent in use of concepts and procedures. They identify problems, develop solutions and take actions to resolve.

Incumbents function in lead roles providing guidance to others. They are also expected to have advanced skills in threat intelligence processing, forensics, Network defense, and have the ability to work independently.


  • Assist and/or lead the implementation of projects across our internal team for advancing our security posture or capabilities. Also assist other areas with project deliverables across cybersecurity and other business units

  • In-depth knowledge of IT processes and resources

  • Able to measure and identify areas for improvement

  • Employ secure configuration management processes.

  • Work with IAM manager to develop, establish and execute processes and procedures

  • Ability to provide operational support for incident tickets, broke-fix, consultations, and implementation of change controls. Train and lead other analysts on the policies and procedures of IAM. Review their research, analysis and conclusions for completeness. Provide feedback and mentoring to staff.

  • Ability to participate in on-call rotation to provide 24/7 client support

  • Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

Required/Basic Qualifications

  • Bachelors degree in Managing Information Strategies (MIS), Computer Science, Cybersecurity or related discipline

  • In addition to required degree, eight (8) years minimum related work experience

  • In lieu of Bachelors degree(s) AND eight (8) years minimum related work experience listed above, High School/GED AND 12 years minimum related work experience

  • Microsoft Certified Solutions Expert: Server Infrastructure and CISSP and CompTIA Security+

Desired Qualifications

  • Experience in Cybersecurity, preferably with directory services and/or data protection

  • Excellent analytical ability, consultative, and communication skills, strong judgment and the ability to work effectively with client and IT management and staff, vendors and consultants.

  • High level understanding of Cybersecurity practices/programs

  • Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).

  • Skill in developing and applying security system access controls.

  • Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).

  • Skill in evaluating the adequacy of security designs.

  • Manage accounts, network rights, and access to systems and equipment.

  • Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

  • Knowledge of authentication, authorization, and access control methods.

  • Ability to function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.

  • Knowledge to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

  • Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).

  • Assess the validity of source data and subsequent findings.

  • Knowledge of multi-level security systems and cross domain solutions.

  • Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

  • Perform cyber defense trend analysis and reporting.

  • Knowledge of cryptography and cryptographic key management concepts

  • Knowledge of Personally Identifiable Information (PII) data security standards.

  • Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).

  • Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.

  • Advise senior management on risk levels and security posture.

  • Oversee installation, implementation, configuration, and support of system components.

Working Conditions

  • Hybrid – Work will be performed from both remote and onsite locations after the onboarding period. However, hybrid employees should live within a reasonable commute to a Duke Energy facility.

Travel Requirements


Relocation Assistance Provided (as applicable)


Represented/Union Position


Visa Sponsored Position


Posting Expiration Date

Thursday, March 24, 2022

All job postings expire at 12:01 AM on the posting expiration date.

Please note that in order to be considered for this position, you must possess all of the basic/required qualifications.


Do Not Sell My Personal Information (CA)

Terms of Use


Job ID : R19134

More Information

Apply for this job

Leave your thoughts

Share this job