• Cybersecurity Architect Expert I

    Duquesne Light Company (Pittsburgh, PA)


    Duquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy, providing a secure supply of reliable power to more than half a million customers in southwestern Pennsylvania.

     

    Duquesne Light Company is committed to creating a culture of inclusion. We value and respect the unique differences and experiences of our employees. We believe that our differences lead to better collaboration, innovation and outcomes. We want you to join our team!

     

    **Job Title:** Cybersecurity Architect Expert I

    Position Summary:

    We are seeking a seasoned Cybersecurity Architecture Technical Expert I to spearhead the design and governance of cybersecurity architecture across our energy and utilities infrastructure. This role is critical in ensuring the security, resilience, and regulatory compliance of operational technology (OT), information technology (IT), and cloud environments. The ideal candidate will bring deep technical expertise, strategic vision, and leadership to protect critical assets and enable secure digital transformation.

     

    **Location:** Hybrid, Pittsburgh, Pennsylvania at Woods Run Complex

    Job Duties and Responsibilities:

    Architecture & Strategy

    + Develop and maintain cybersecurity architecture frameworks tailored to energy and utility systems. - Define and evolve security reference architectures for IT/OT convergence, cloud adoption, and edge computing. - Align cybersecurity architecture with NERC CIP, DOE, and other sector-specific regulatory requirements.

    + Partner with enterprise architects, infrastructure teams, and the business, to form a comprehensive long-term strategy.

    + Stay current with emerging threats, technologies, and regulatory changes impacting the energy sector.

    Technical Leadership

    + Lead threat modeling, risk assessments, and secure design reviews for new and existing systems.

    + Provide technical oversight for security controls across network segmentation, identity management, data protection, and endpoint security. - Guide secure integration of third-party vendors/services, IoT devices, energy market platforms and customer portals.

    Innovation & Resilience

    + Evaluate and recommend emerging technologies (e.g., AI/ML for threat detection, quantum-safe cryptography) to enhance security posture. - Architect solutions for Zero Trust, secure remote access, and anomaly detection in IT/OT environments.

    + Support incident response and recovery planning with architectural insights and resilience strategies.

    Governance & Compliance

    + Ensure architectural decisions support compliance with NERC CIP, ISO 27001, NIST CSF, and other relevant standards. - Collaborate with legal, audit, and compliance teams to ensure cybersecurity architecture supports regulatory audits and reporting.

    Collaboration & Mentorship

    + Partner with enterprise architects, infrastructure teams, and business units to embed security into digital initiatives. - Leader and mentor junior architects and engineers, fostering a culture of security-by-design and continuous improvement.

    + Collaborate with cybersecurity, infrastructure, and application teams to ensure security is embedded throughout the IT lifecycle.

    Education and Experience Required:

    + Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Electrical Engineering, or related field.

    + 15+ years of IT/cybersecurity experience, with 5+ years in architecture leadership roles

    + Deep understanding of OT systems (SCADA, DCS, PLCs), IT/OT integration, and industrial cybersecurity.

    + Expertise in cloud security (Azure, AWS), network architecture, IAM, and secure software development.

    + Strong familiarity with NERC CIP, NIST 800-series, ISA/IEC 62443, and other sector-specific standards.

    + Certifications such as CISSP, CCSP, GIAC, SABSA, or TOGAF preferred.

    Preferred Qualifications:

    + Experience implementing Zero Trust in hybrid IT/OT environments. -

    + Strong understanding of enterprise-grade secure architecture principles and practices.

    + Familiarity with AI/ML security implications and data governance in energy analytics platforms.

    **Skills/Abilities:** Ability to communicate complex technical concepts to executive leadership and non-technical stakeholders.

     

    Scope

     

    Primary focus is on daily deliverables, outputs, reporting along with the proactive improvement of process and workflows for the larger group. Confidently manages ones own time and work flow and prioritizes work effectively. Responsibilities are both operational and strategic in nature. Daily work is typically complex in nature requiring the incumbent to draw on previous knowledge to perform role. Has well established capabilities, acts as a resource to less experienced staff and peers on complex issues which require subject matter expertise.

     

    Decision Impact

     

    Problems and issues faced are vague and require reasoning of a broader set of variables to identify root cause. Expert in their field and makes sound decisions regularly. Other employees typically seek advice and decisioning support from this role on a regular basis.

     

    Hybrid Work

     

    Position follows our hybrid work model, with a minimum of two days working in the office and the remaining days working remotely. Reporting location and frequency may be subject to change based on job role and department needs.

     

    Storm Roles

     

    All Non-Union Employees will serve in storm roles as appropriate to their role and skillset. Please be sure to discuss storm roles with the hiring manager for this position, as duties can vary across the Company. _Examples of storm roles could include but aren't limited to duties such as: working with operations for service center support or with the communications, customer service or government affairs teams to respond to public and customer requests for information, etc._

     

    Data Governance

     

    Utilize data to make business decisions as appropriate for the position, support data stewardship activities and partner with IT on underlying data needs.

    EQUAL OPPORTUNITY EMPLOYER

    Duquesne Light Holdings is committed to providing equal employment opportunity to all people in all aspects of the employment relationship, without discrimination because of race, age, sex, color, religion, national origin, disability, sexual orientation and gender identity or status as a Vietnam era or special disabled veteran or any other unlawful basis, as defined by applicable law, and fostering a workplace free of unlawful discrimination and retaliation. This policy affects decisions including, but not limited to, hiring, compensation, benefits, terms and conditions of employment, opportunities for promotion, transfer, layoffs, return from a layoff, training and development, and other privileges of employment. An integral part of Duquesne Light Holdings' commitment is to comply with all applicable federal, state and local laws concerning equal employment and affirmative action.

     

    Duquesne Light Holdings is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful.

     

    If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at [email protected] and describe the specific accommodation requested for a disability-related limitation.