Telecom Network Security Architect

Important Application Submission Information

In order to ensure your application is successfully received before the job posting expires, please submit your application by 11:59 PM on Tuesday, March 3, 2026.

More than a career - a chance to make a difference in people's lives.

Build an exciting, rewarding career with us - help us make a difference for millions of people every day. Consider joining the Duke Energy team, where you'll find a friendly work environment, opportunities for growth and development, recognition for your work, and competitive pay and benefits.

As a Telecom Network Security Architect, you will be responsible for securing, managing, and maintaining Cisco routers, switches, and related network security technologies across the telecommunications enterprise environment. This role ensures confidentiality, integrity, and availability of critical network systems by implementing hardened configurations. You will monitor multiple sources for threats in order to provide guidance to teams remediating vulnerabilities and support secure network operations.

This position requires working with many teams inside Duke Energy and vendors to ensure security is a top priority.

• Provide configuration guidance to ensure Telecom managed devices are following compliance, security baselines and industry's best practices.
• Provide firmware for patching and configuration hardening to mitigate known vulnerabilities.
• Provide security baseline to secure network architectures, including VLANs, ACLs, 802.1X, and secure management practices.
• A solid understanding of CVSS scoring and ratings to perform risk analysis and guidance.

• Perform vulnerability assessments against Cisco devices using internal tools and vendor advisories.
• Analyze CVEs, evaluate exposure, and develop mitigation strategies.
• Track and report on vulnerability status and remediation timelines.

• Monitor for malicious or anomalous network activity involving Cisco infrastructure.
• Respond to alerts, investigate threats, and coordinate remediation.
• Document analysis and recommended actions.

• Develop and update operational procedures for secure Cisco device management.
• Maintain technical documentation and network diagrams.

• Use tools to perform routine compliance checks to ensure devices meet internal controls.
• Assist with audits, regulatory reviews, and reporting.

• A solid understanding of Cisco Identity Services Engine including services it provides, 802.1x, AAA, Network Access Control, and VPN.
• Lead a team of operations and engineers to support ISE, including best practices, updates, and policies to support the Enterprise.
• A solid understanding network protocols and how they work or could be manipulated to put the Duke Energy network at risk.

• Bachelor's degree in Computer Science, Engineering, or related field
• Minimum 3 years of experience in network or security architecture
• Strong understanding of networking concepts and technologies

• Industry certifications CISSP or CCNA
• Familiarity with cloud technologies, AI, and Enterprise Networks
• Strong problem-solving and analytical skills

• Proficiency in developing and maintaining network documentation and standards
• Ability to work effectively in cross-functional teams and communicate complex technical concepts to both technical and non-technical audiences
• Experience in project management and ability to lead technical initiatives

• Hybrid work environment with a combination of remote and on-site work (3 days a week in the office)
• May require occasional travel to Duke Energy's service regions
• Potential for on-call duties and non-standard working hours during critical projects or incidents

5-15%

Relocation Assistance Provided (as applicable) No

Represented/Union Position No

Visa Sponsored Position No

Please note that in order to be considered for this position, you must possess all of the basic/required qualifications.