Telecom Network Security Architect

Duke Energy Corporation•Cincinnati, OH

1d•Hybrid

About The Position

As a Telecom Network Security Architect, you will be responsible for securing, managing, and maintaining Cisco routers, switches, and related network security technologies across the telecommunications enterprise environment. This role ensures confidentiality, integrity, and availability of critical network systems by implementing hardened configurations. monitoring multiple sources for threats in order to provide guidance to teams remediating vulnerabilities and supporting secure network operations. This position requires working with many teams inside Duke Energy and vendors to ensure security is a top priority.

Requirements

Bachelor's degree in Computer Science, Engineering, or related field
Minimum 3 years of experience in network or security architecture
Strong understanding of networking concepts and technologies

Nice To Haves

Industry certifications CISSP or CCNA
Familiarity with cloud technologies, AI, and Enterprise Networks
Strong problem-solving and analytical skills
Proficiency in developing and maintaining network documentation and standards
Ability to work effectively in cross-functional teams and communicate complex technical concepts to both technical and non-technical audiences
Experience in project management and ability to lead technical initiatives

Responsibilities

Network Security & Configuration Management Provide configuration guidance to ensure Telecom managed devices are following compliance, security baselines and industry’s best practices.
Provide firmware for patching and configuration hardening to mitigate known vulnerabilities.
Provide security baseline to secure network architectures, including VLANs, ACLs, 802.1X, and secure management practices.
A solid understanding of CVSS scoring and ratings to perform risk analysis and guidance.
Threat & Vulnerability Management Perform vulnerability assessments against Cisco devices using internal tools and vendor advisories.
Analyze CVEs, evaluate exposure, and develop mitigation strategies.
Track and report on vulnerability status and remediation timelines.
Monitoring & Incident Response Monitor for malicious or anomalous network activity involving Cisco infrastructure.
Respond to alerts, investigate threats, and coordinate remediation.
Document analysis and recommended actions.
Process Improvement & Documentation Develop and update operational procedures for secure Cisco device management.
Maintain technical documentation and network diagrams.
Compliance & Governance Use tools to perform routine compliance checks to ensure devices meet internal controls.
Assist with audits, regulatory reviews, and reporting.
Lead ISE Architecture A solid understanding of Cisco Identity Services Engine including services it provides, 802.1x, AAA, Network Access Control, and VPN.
Lead a team of operations and engineers to support ISE, including best practices, updates, and policies to support the Enterprise.
A solid understanding network protocols and how they work or could be manipulated to put the Duke Energy network at risk.