Cybersec System Engineering Analyst


Important Application Submission Information

In order to ensure your application is successfully received before the job posting expires, please submit your application by 11:59 PM on Friday, February 13, 2026.

More than a career - a chance to make a difference in people's lives.

Build an exciting, rewarding career with us – help us make a difference for millions of people every day. Consider joining the Duke Energy team, where you'll find a friendly work environment, opportunities for growth and development, recognition for your work, and competitive pay and benefits.

Job Summary:

The Cybersecurity Systems Engineer Analyst is responsible for support, maintenance and development of tools utilized to generate cyber security events and incidents across the Duke Energy environment. The Analyst will work closely with peers, other internal/external teams and management in a 24x7 Cybersecurity Operations Center (CSOC) environment. The Analyst is also responsible for following processes and procedures as defined by Cybersecurity leadership and the Computer Incident Response Team (CIRT). They will typically perform in a role similar to systems administrator with a focus on detection and correlation of cyber events related to managed systems.

Responsibilities:

Participate in the content generation related to operation of a Global Security Information and Event Management (SIEM) system, to include: ESM, Oracle, Connector appliances, SmartConnectors, Logger appliances, Windows and Linux servers and a variety of network and security related devices.
Identify, develop and deploy content / events for an evolving SIEM infrastructure, including use cases that involve Dashboards, Active Channels, Reports, Rules, Filters, Trends, Metrics and Active Lists.
Apply knowledge of ongoing and emergent cyberthreats related to network and endpoint vulnerabilities to establish criteria for event / alert generation and correlation.
Track cyber threat actors/campaigns based off technical analysis and open source/third party intelligence.
Research and track new exploits and cyber threats.
Support the establishment, enhancement, and continual improvement of an integrated set of correlation rules, alerts, searches, reports, and responses related to supported cybersecurity tool suites.
Assist in the maintenance (patching / upgrade), configuration and operation of Cybersecurity tools including Endpoint / Antivirus, SIEM loggers and connectors, and Network analysis and defense products.
Enhance and tune product events and other cyber event correlation rules to reduce false positives.
Ensure deployment of supported product set over entire threat surface.
Provide 24x7 Systems Engineer for escalations on a rotating shift basis.

Basic/Required:

High School/GED
Minimum 6 years related work experience

Desired Qualifications:

Experience in Cybersecurity, preferably with SIEM technology, logging environments, and cybersecurity products related to visibility and defense of endpoint and networks.
Previous Duke Energy experience
Palo Alto enterprise firewall management experience
2+ years experience in a security operations center and/or system administration role
Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings and provide briefings to various levels of staff / management.
Ability to work in high pressure situations and within a team environment.
Experience with writing and editing technical documentation and operational procedures.
Demonstrated effective problem solving & analytical skills
Direct background or exposure to cyber security operations
Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
General networking understanding and/or experience to include understanding of TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
Windows and UNIX/Linux command line scripting experience and programming experience.
Demonstrated understanding of the life cycle of cybersecurity threats and tools used to mitigate risk.
Experience with forensics and malware analysis concepts and methods.
Familiarity or experience with the Cyber Kill Chain® methodology
Knowledgeable of Duke Energy’s IT Security policies
Innovative – ability to recognize and seek improvement and efficiency opportunities
Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
Experience with the maintenance, configuration and operation of Cybersecurity tools related to the cloud environment, including OMS, Web Application Firewalls, Log Analytics and other cloud centric solutions.
Ability to evaluate and develop content / alert solutions for cloud based environments including Azure, OMS, AWS, O365, etc.
Working knowledge of Active Directory Federation Services (ADFS) or Azure Active Directory and understanding of SAML 2.0 and cloud SSO providers
Knowledge in automated build systems required, including Jenkins, Docker, AWS
Experience deploying and managing containers and applications

Working Conditions:

Hybrid Mobility Classification – Work will be performed from both remote and onsite locations after the onboarding period. However, hybrid employees should live within a reasonable daily commute to a Duke Energy facility.
Office Environment

Specific Requirements

HS/GED: 6 yrs work experience {required}
Associates: 4 yrs work experience {preferred}
Bachelors: 2 yrs work experience {preferred}

Travel Requirements: 5-15%
Relocation Assistance Provided (as applicable): No
Represented/Union Position: No
Visa Sponsored Position: No

Please note that in order to be considered for this position, you must possess all of the basic/required qualifications.

We are one of the largest electric power holding companies in the United States, supplying and delivering electricity to approximately 7.4 million U.S. customers. We have approximately 52,700 megawatts of electric generating capacity in the Carolinas, the Midwest and Florida – and natural gas distribution services serving more than 1.5 million customers in Ohio, Kentucky, Tennessee and the Carolinas. Our commercial and international businesses own and operate diverse power generation assets in North America and Latin America, including a portfolio of renewable energy assets.

Regardless of your skill set or specific interest, we're looking for the best and brightest talent in the industry. Our people make us great - and we're always looking for more. Find your career path today at Duke Energy, where it's more than a career - it's a chance to make a difference in people's lives.

Duke Energy is an Equal Opportunity Employer and complies with the laws set forth in the Department of Labor EEO Poster and Supplement.


Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities was to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...