Info Security Analyst II

Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy, providing a secure supply of reliable power to more than half a million customers in southwestern Pennsylvania.

Duquesne Light Company is committed to creating a culture of inclusion. We value and respect the unique differences and experiences of our employees. We believe that our differences lead to better collaboration, innovation and outcomes. We want you to join our team!

Duquesne Light Company (DLC) is seeking a highly skilled Information Security Analyst II to join the Cybersecurity Operations ("CyberOps") team. This advanced-level role supports the protection of critical infrastructure and compliance with NERC CIP requirements. The Analyst II is expected to demonstrate deep technical expertise, strategic thinking, and leadership in the development, implementation, and continuous improvement of DLC's enterprise-wide information security program.

The Analyst II will proactively assess security risks, anticipate operational impacts of policy and control changes, and collaborate across departments to strengthen DLC's cybersecurity posture. This role requires the ability to lead investigations, drive security initiatives, and mentor junior analysts while maintaining a strong focus on regulatory compliance and operational resilience.

Location: Hybrid - Downtown Pittsburgh, PA (Woods Run Complex)

Responsibilities:

* Lead investigations, response, and remediation of cyber events affecting DLC's critical infrastructure and enterprise environments.

* Provide advanced system administration and engineering support for CyberOps platforms and applications.

* Develop and maintain comprehensive documentation for cybersecurity processes, controls, and technologies.

* Evaluate and recommend emerging technologies and methodologies to enhance DLC's security and business continuity posture.

* Collaborate with cross-functional teams to design and implement security controls aligned with business and regulatory requirements.

* Manage and optimize security event monitoring, tuning, and incident response workflows.

* Ensure timely and effective resolution of complex security issues and incidents.

* Conduct in-depth forensic analysis of host-based systems and network traffic.

* Monitor and analyze cybersecurity events, reporting findings and trends to leadership.

* Lead efforts to ensure endpoint compliance with security policies, procedures, and standards.

* Integrate actionable threat intelligence into operational processes and security technologies.

* Stay current with evolving threats, vulnerabilities, and regulatory changes impacting DLC's cybersecurity program.

* Support and lead activities related to security audits, evidence collection, and compliance reporting.

* Mentor junior analysts and contribute to team development and knowledge sharing.

Additional Responsibilities:

* Perform other job-related duties as assigned

* Storm role duties as assigned

Education and Experience Required:

* Bachelor's Degree in Cybersecurity, Computer Forensics, Computer Engineering or related discipline or in lieu of degree, a commensurate combination of education and experience will be considered

* 2+ years of relevant experience required

Preferred Qualifications:

* Experience in utility or critical infrastructure sectors, particularly with SCADA systems.

* Strong familiarity with NERC CIP and other regulatory frameworks (e.g., NIST CSF, ISO 27001).

* Proven experience with security audits, compliance assessments, and evidence management.

* Hands-on experience with security platforms such as SIEM, EDR, vulnerability management, and configuration monitoring tools.

* Systems administration experience in Windows and Linux environments.

* Proficiency in scripting and database languages (Python, PowerShell, SQL).

* Professional certifications such as CISSP, GIAC, CompTIA Security+/Network+, or equivalent.

Skills/Abilities:

* Advanced understanding of cybersecurity domains including threat analysis, vulnerability management, incident response, and endpoint/network/email security.

* Strong analytical and problem-solving skills with the ability to manage complex projects and initiatives.

* Excellent technical writing and documentation skills.

* Effective communication and presentation skills across all levels of the organization.

* Ability to translate complex technical concepts into actionable insights for diverse audiences.

* Strong organizational and project management capabilities.

* Ability to prioritize and manage multiple tasks in a dynamic, fast-paced environment.

* Demonstrated leadership and mentoring abilities.

Storm Roles

All Non-Union Employees will serve in storm roles as appropriate to their role and skillset. Please be sure to discuss storm roles with the hiring manager for this position, as duties can vary across the Company. Examples of storm roles could include but aren't limited to duties such as: working with operations for service center support or with the communications, customer service or government affairs teams to respond to public and customer requests for information, etc.

EQUAL OPPORTUNITY EMPLOYER

Duquesne Light Holdings is committed to providing equal employment opportunity to all people in all aspects of the employment relationship, without discrimination because of race, age, sex, color, religion, national origin, disability, sexual orientation and gender identity or status as a Vietnam era or special disabled veteran or any other unlawful basis, as defined by applicable law, and fostering a workplace free of unlawful discrimination and retaliation. This policy affects decisions including, but not limited to, hiring, compensation, benefits, terms and conditions of employment, opportunities for promotion, transfer, layoffs, return from a layoff, training and development, and other privileges of employment. An integral part of Duquesne Light Holdings' commitment is to comply with all applicable federal, state and local laws concerning equal employment and affirmative action.

Duquesne Light Holdings is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful.

If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at HR@duqlight.com and describe the specific accommodation requested for a disability-related limitation.