Information Security Analyst I

1 week ago


Pittsburgh, United States Duquesne Light Full time

Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy, providing a secure supply of reliable power to more than half a million customers in southwestern Pennsylvania.

Duquesne Light Company is committed to creating a culture of inclusion. We value and respect the unique differences and experiences of our employees. We believe that our differences lead to better collaboration, innovation and outcomes. We want you to join our team

Overall Purpose:

DLC is seeking candidates for the role of Information Security Analyst I on the Cybersecurity Operations ("CyberOps") team, directly supporting NERC CIP requirements and critical infrastructure security. The Information Security Analyst is expected to understand the organization's information security strategy and contribute to the development, maintenance, and implementation of the overall system-wide information security program needed for the protection of Duquesne Light.

As part of the CyberOps team, the Information Security Analyst will need to possess business acumen and the ability to assess security risks, while considering system operational needs and adherence to regulatory requirements, directly anticipating and articulating potential operational impacts of policy and controls changes. They will utilize various tools and methods to provide support to end users, technology teams, and projects on a regular and ad hoc basis.

The Information Security Analyst will be directly responsible for working collaboratively and effectively with individuals across the enterprise to conduct cybersecurity activities including but not limited to: analyzing information security risk and threat data, monitoring and investigating anomalies, developing security controls/solutions and risk mitigation recommendations, executing system and application hardening, conducting vulnerability assessments, determining information security-related business needs and requirements for potential projects/initiatives, and diligent monitoring of networks and systems for signs of infection, compromise, and misconfiguration.

Location: Hybrid (see below), downtown Pittsburgh, Pennsylvania at Woods Run Complex

Job Responsibilities:

  • Investigate, respond, and remediate cyber events in DLC's critical infrastructure network environment.
  • Provide system administration and support of CyberOps systems and applications related to critical infrastructure.
  • Work collaboratively as part of a team, with moderate supervision to provide relevant input and feedback to develop and maintain documentation for all assigned responsibilities.
  • Provide relevant input and feedback on the investigation and proposal of technologies and methodologies that can enhance Duquesne Light's security and/or business continuity posture.
  • Manages expectations and effectively communicates and collaborates with colleagues and project team members.
  • Effectively and efficiently manage security event monitoring, tuning, and incident response.
  • Responsible for ensuring accurate and timely resolutions to all assigned issues relating to critical infrastructure security.
  • Monitor daily for cybersecurity events on DLC's network, and report findings to the Cybersecurity Operations Supervisor.
  • Review endpoints to confirm compliance with endpoint security policies, procedures, and standards.
  • Performs forensic analysis of host-based systems.
  • Stay up to date on changes in threat landscape impacting Duquesne's information security program.
  • Research, investigate, communicate, and integrate actionable threat intelligence information in DLC Cyber Security Operations and IT systems.
  • Perform all other duties as assigned.

Education/Certification:

  • Bachelor's degree in a related discipline such as Cyber Security, Computer Forensics, or Computer Engineering required.
    • In lieu of a Bachelor's degree, a commensurate combination of education and experience will be considered.

Preferred Experience:

  • Previous utility experience in transmission and distribution operations, or other industries utilizing SCADA systems.
  • Experience with the NERC CIP compliance framework and/or other regulatory frameworks governing Cybersecurity Operations.
  • Experience participating in security and regulatory audits, including evidence gathering and analysis.
  • Experience utilizing and managing on premise security products including Configuration Monitoring platforms, SIEM Solutions, Vulnerability Management platforms, and Endpoint Detection and Response tools.
  • Experience with Systems Administration in server environments including Microsoft Windows and Linux Operating Systems.
  • Experience with coding/scripting/database languages including Python, PowerShell, and SQL.
  • Information Security certifications including CompTIA Network +, Security +, CISSP, SANS GIAC GICSP.

Skills and Abilities Utilized in this Role Include:

  • Intermediate understanding of cybersecurity topics such as vulnerability management, incident response, endpoint protection and email security.
  • Extensive knowledge of threats, risk analysis, and the development of security systems and protocols.
  • Demonstrated ability to analyze unique data sets to identify and, where necessary, remediate changes to asset configurations.
  • Proficient at technical writing and documenting procedures and processes.
  • Strong interpersonal, communication and organizational skills with the ability to exhibit sound judgment and express verbal and written information effectively.
  • Strong written and verbal communication and presentation skills.
  • Demonstrated ability to interact with people and translate complex concepts into easy-to-follow ideas and present to all levels of the organization.
  • Strong analytical and project management skills.
  • Ability to prioritize efficiently while multi-tasking, dealing with interruptions, and working in a high paced energetic environment.

Must possess a positive attitude and strong values that fit with DLC's core values:

  • Energized to shape the future;
  • Bold in thinking and exploration of new possibilities;
  • Collaborative in approaching all challenges;
  • Responsible in commitment to safety, management of assets and finances and interaction with others;
  • Selfless in serving the community, both on the job and through volunteerism

Scope

Responsibilities are generally tactical and basic in nature; however, work may vary in type and complexity, requiring the incumbent to be flexible to adjust to the given situation. Primary focus is on daily deliverables and, outputs, while at the same time developing a knowledge of the broader context in which the work is being performed.

Decision Impact

Independent discretion or decision-making capability is mostly limited. There is normally a general framework of established boundaries to help employees perform their roles and make decisions. Situations that require deviation from this general framework are typically not made alone. The employee may recommend a solution; however, the recommendations are frequently presented to their manager or more senior-level professionals for review and approval prior to the decision being made.

Hybrid Work

Position follows our hybrid work model, with a minimum of two days working in the office and the remaining days working remotely. Reporting location and frequency may be subject to change based on job role and department needs.

Storm Roles

All Non-Union Employees will serve in storm roles as appropriate to their role and skillset. Please be sure to discuss storm roles with the hiring manager for this position, as duties can vary across the Company.Examples of storm roles could include but aren't limited to duties such as: working with operations for service center support or with the communications, customer service or government affairs teams to respond to public and customer requests for information, etc.

Data Governance

Utilize data to make business decisions as appropriate for the position, support data stewardship activities and partner with IT on underlying data needs.

EQUAL OPPORTUNITY EMPLOYER
Duquesne Light Holdings is committed to providing equal employment opportunity to all people in all aspects of the employment relationship, without discrimination because of race, age, sex, color, religion, national origin, disability, sexual orientation and gender identity or status as a Vietnam era or special disabled veteran or any other unlawful basis, as defined by applicable law, and fostering a workplace free of unlawful discrimination and retaliation. This policy affects decisions including, but not limited to, hiring, compensation, benefits, terms and conditions of employment, opportunities for promotion, transfer, layoffs, return from a layoff, training and development, and other privileges of employment. An integral part of Duquesne Light Holdings' commitment is to comply with all applicable federal, state and local laws concerning equal employment and affirmative action.

Duquesne Light Holdings is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful.

If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at HR@duqlight.com and describe the specific accommodation requested for a disability-related limitation.



  • Pittsburgh, United States Duquesne Light Full time

    Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy,...


  • Pittsburgh, United States Duquesne Light Full time

    Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy,...


  • Pittsburgh, United States Duquesne Light Full time

    Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy,...


  • Pittsburgh, United States Duquesne Light Full time

    Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy,...


  • Pittsburgh, United States Robert Half Full time

    Job DescriptionJob DescriptionWe are looking for a Security Access Management Analyst Level I to join our team in the banking industry in Hermitage, Pennsylvania. This role primarily ensures the protection of corporation information and follows all financial regulations. As a Security Access Management Analyst, you will analyze user requirements, procedures,...


  • Pittsburgh, United States Robert Half Full time

    Job DescriptionJob DescriptionWe are looking for a Security Access Management Analyst Level I to join our team in the banking industry in Hermitage, Pennsylvania. This role primarily ensures the protection of corporation information and follows all financial regulations. As a Security Access Management Analyst, you will analyze user requirements, procedures,...


  • Pittsburgh, United States Vitalant Full time

    Description Join Vitalant as a HIPAA Security Analyst and contribute to our mission of saving and improving lives. In this vital role at our Hemophilia Center, you’ll take a risk-based approach to ensure the confidentiality, integrity, and availability of healthcare information systems and data. By safeguarding sensitive patient information, you’ll help...


  • Pittsburgh, United States Vitalant Full time

    Description Join Vitalant as a HIPAA Security Analyst and contribute to our mission of saving and improving lives. In this vital role at our Hemophilia Center, you'll take a risk-based approach to ensure the confidentiality, integrity, and availability of healthcare information systems and data. By safeguarding sensitive patient information, you'll help us...


  • Pittsburgh, Pennsylvania, United States Jobot Full time

    The Chief Information Security Officer role is a critical position within our organization, responsible for ensuring the confidentiality, integrity, and availability of sensitive information.Job OverviewWe are seeking an experienced and skilled Chief Information Security Officer to lead our security efforts and protect our classified information. The...

  • Security Analyst

    6 days ago


    Pittsburgh, United States Reed Smith LLP Full time

    US Job Description Qualifications, skills, and all relevant experience needed for this role can be found in the full description below. Firm Information Reed Smith is a dynamic international law firm dedicated to helping clients move their businesses forward. With an inclusive culture and innovative mindset, we deliver smarter, more creative legal services...


  • Pittsburgh, United States Carnegie Mellon University Full time

    The Computing Services central IT department provides services that have a strategic impact on university goals. We make service decisions based on interaction and valuable input from colleagues engaged in the education, research, and administration efforts of the university. We are a learning organization and approach successes and mistakes as a learning...


  • Pittsburgh, United States Aro Talent Full time

    Responsibilities of Senior Cyber Security Analyst: Review and update the Detailed Architecture Diagram, Detailed Hardware/Software Inventory, and other system artifacts to determine the DoD IT type. Develop the baseline set of impact values for medical devices. Identify and document common controls in the Security Plan, obtaining supporting documentation...


  • Pittsburgh, United States Jobot Full time

    Job DescriptionJob DescriptionInformation Systems Security Manager with well-known and well-established non-profit research organization!This Jobot Job is hosted by: Katherine KrullAre you a fit? Easy Apply now by clicking the "Apply Now" buttonand sending us your resume.Salary: $140,000 - $154,000 per yearA bit about us:Non-profit 'Think Tank'...


  • Pittsburgh, United States Carnegie Mellon University Full time

    The Computing Services central IT department provides services that have a strategic impact on university goals. We make service decisions based on interaction and valuable input from colleagues engaged in the education, research, and administration efforts of the university. We are a learning organization and approach successes and mistakes as a learning...

  • IT Security Analyst

    1 week ago


    Pittsburgh, United States Decision Point Full time

    IT Security AnalystID 2024-2655Job LocationsUS-PA-PittsburghCategory Information TechnologyType Regular Full-TimeOverviewDecisionPoint Corporation is seeking an IT Security Analyst to join our US Air Force team supporting the defense of USAF infrastructure (AFIN) at the base level. This position is onsite. Duties & ResponsibilitiesThe contractor shall...

  • Cyber Security Analyst

    2 months ago


    pittsburgh, United States Brooksource Full time

    Jr. Cyber Security Operations AnalystPittsburgh, PA (hybrid)The Cybersecurity Operations Analyst Associate works with the team to review security events to identify and prioritize potential threats and identify trends utilizing various tools and technologies. You will work closely with other teams within Cybersecurity and with IT Operations. This is an entry...

  • Cyber Security Analyst

    2 months ago


    pittsburgh, United States Brooksource Full time

    Jr. Cyber Security Operations AnalystPittsburgh, PA (hybrid)The Cybersecurity Operations Analyst Associate works with the team to review security events to identify and prioritize potential threats and identify trends utilizing various tools and technologies. You will work closely with other teams within Cybersecurity and with IT Operations. This is an entry...

  • Cyber Security Analyst

    2 months ago


    Pittsburgh, United States Brooksource Full time

    Jr. Cyber Security Operations AnalystPittsburgh, PA (hybrid)The Cybersecurity Operations Analyst Associate works with the team to review security events to identify and prioritize potential threats and identify trends utilizing various tools and technologies. You will work closely with other teams within Cybersecurity and with IT Operations. This is an entry...

  • Engineer I

    1 month ago


    Pittsburgh, United States Merrick Bank Full time

    Job DescriptionJob DescriptionMerrick Bank employees share in our mission to delight our customers and empower underserved consumers to achieve their credit goals. In return, we delight our associates; ensuring they are noticed, heard, appreciated and understand the importance of their role(s). For over 20 years, our Guiding Principles of; doing the right...

  • Security Analyst

    6 days ago


    Pittsburgh, PA, United States Reed Smith LLP Full time

    US Job Description Qualifications, skills, and all relevant experience needed for this role can be found in the full description below. Firm Information Reed Smith is a dynamic international law firm dedicated to helping clients move their businesses forward. With an inclusive culture and innovative mindset, we deliver smarter, more creative legal...