The Cybersecurity Operations and Engineering team is responsible for ensuring that Duquesne Light systems and networks are secure. This is done through the deployment of security solutions,executing system and application hardening, vulnerability assessments, and diligent monitoring of networks and systems for signs of infection, compromise,and misconfiguration. Additional responsibilities include ensuring that network and system designs are done in a way to minimize risk while allowing for necessary functionality, and Incident Response to any security breaches. This group is accountable to communicating information security risk to management.
· Provides subject matter expertise when applying cybersecurity concepts and technologies.
· Provides cybersecurity engineering expertise and support to improve existing information technology systems.
· Work with Information Technology and the Cybersecurity to develop and institute a secure system /network.
· Work with Information Technology in the maturation, implementation, and configuration of endpointsecurity controls including but not limited to antivirus, whitelisting, patch management and encryption technologies.
· Develop and help Information Technology implement platform and network security controls.
· Ensure optimal configuration standards are met on existing infrastructure.
· Monitor daily for cybersecurity events on DLC's network, and report findings to the Cybersecurity Operations Manager.
· Review endpoints to confirm compliance with endpoint security policies, procedures, and standards.
· Ensure successful vulnerability scanning and patch management process.
Test compatibility of endpoint security controls with new configurations or new endpoint operating systems.
· Strong understanding ofMicrosoft Windows Operating Systems, Linux Operating Systems and Networking andFirewall Infrastructure
· Strong interpersonal,communication and organizational skills with the ability to exhibit soundjudgment and express verbal and written information effectively
· Experience with endpointsecurity and advanced malware protection technologies.
· Experience with active andpassive vulnerability scanning tools
· Preferred experience with webapplication testing and scanning
· Experience with softwarevulnerability management tools.
· Experience with security information and event management
Education/Experience Requirements: Bachelor's Degree with 10 + years of relevant experience.