This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Duke Energy - Charlotte, NC
posted about 2 months ago
About the position
The Cybersecurity Governance & Risk Analyst at Duke Energy plays a crucial role in ensuring compliance with federal regulations and enhancing the organization's cybersecurity posture. This position involves developing interpretations of compliance programs, modifying policies based on regulatory changes, and supporting the implementation of technologies to meet compliance and operational goals. The analyst will work independently on complex problems while collaborating with various stakeholders to ensure effective communication and understanding of compliance requirements.
Responsibilities
- Develop interpretations of Federal Compliance Programs (i.e. NERC CIP, TSA, DFARS) for internal stakeholders.
- Modify Federal Compliance Programs for cybersecurity policy based on new compliance requirements and internal requests.
- Prepare evidence and review reports on internal compliance reviews, including findings and recommendations.
- Perform Evidence Reviews and support technology implementations for compliance programs.
- Conduct internal consulting with business personnel to ensure understanding and implementation of compliance requirements.
- Provide training, change management, and communication support for compliance activities.
- Influence awareness of new compliance requirements through industry and regulatory interaction.
- Monitor and evaluate the effectiveness of cybersecurity safeguards.
- Assist in security reviews and identify gaps in security architecture.
- Correlate incident data to identify vulnerabilities and recommend remediation actions.
- Collaborate with Cybersecurity leadership to align security technologies with strategic plans.
- Communicate compliance information clearly and concisely to stakeholders.
Requirements
- Bachelor's degree in Cybersecurity or a related field.
- 5 years of related work experience, or 9 years of experience in lieu of a degree.
- Demonstrated knowledge of IT/OT and Cybersecurity policy, standards, and processes.
- Competence in using IT/OT and Cybersecurity tools and research capabilities.
Nice-to-haves
- Master's degree in Cybersecurity.
- CISA and/or CISSP certifications.
- Experience in risk identification and management, audit and compliance, and policy development.
- Expert knowledge of Cybersecurity frameworks such as NIST.
- Knowledge of risk management processes and laws related to cybersecurity.
Benefits
- Competitive pay and benefits package.
- Opportunities for growth and development.
- Recognition for work contributions.
