Prin Cyber Def Threat Spclst

Who We Are

We're powering a cleaner, brighter future.

Exelon is leading the energy transformation, and we're calling all problem solvers, innovators, community builders and change makers. Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient.

We're powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service. We are a Fortune 200 company, 19,000 colleagues strong serving more than 10 million customers at six energy companies -- Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco).

In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking. And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career.

Are you in?

Primary Purpose

PRIMARY PURPOSE OF POSITION

Perform, under the guidance of the Manager, Cyber Defense Security Operations Center (SOC); researches cyber security threats and trends, collaborates with Cyber Defense Threat Intelligence Analysts in development/application/maintenance of cyber threat profiles and countermeasures. Leads the development of advanced analytical models capable of identifying anomalous activity based on available information sources and knowledge of adversary tradecraft. Serves as the Primary threat advisor to the Sr. Manager, Cyber Defense Operations

Note: This is a hybrid position (in-office with remote flexibility). Employees are required to be in office at least three days per week (Tuesday, Wednesday, and Thursday).

Primary Duties

PRIMARY DUTIES AND ACCOUNTABILITIES

• Develops unique cyber indicators to maintain constant awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes, and disseminates cyber warning assessments based on intelligence received from Cyber Defense Operations personnel.
• Develop and deploy actionable threat intelligence and countermeasures
• Provide log & monitoring design services
• Provide cyber security research and advisory services.
  
  

Job Scope

JOB SCOPE

Enables the Cyber SOC to meet key performance metrics across four key capabilities: Security Monitoring, Incident Handling & Response, Cyber Threat Intelligence, and Technical Solutions Development. Develops and leads proactive detection strategies. Coordinate all intel relevant activities with the Cyber Defense Forensics team as applicable.

Minimum Qualifications

MINIMUM QUALIFICATIONS

• Bachelor's Degree in Computer Science or a related 4-year technical degree (or a minimum 4 years of IT or Cyber Security experience) - in lieu of degree, 9-12 years of relevant experience.
• 7-10 years' experience supporting complex network architecture at enterprise level
• Core Technical skills in the following: SourceFire, Snort rules, BRO, Linux, Windows 2008 Server, Network Security and Architecture, log and packet analysis, malware analysis
• General Info Security: Security Principles, Threat Lifecycle Management & Incident Management & Lifecycle, excellent verbal and written communication skills,
• Comprehensive knowledge of common networking protocols: HTTP, DNS, DHCP, SMTP, NTP, SSH, FTP.
• Detailed understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics and techniques.
• Lockheed Martin Cyber Kill Chain methodology, NIST and SANS Critical Security controls
• Security technologies: BRO-IDS, SIEM, Malware Sandboxing, Endpoint Protection, User Behavior Analytics.
• Signatures, rules, and content development and deployment
• Knowledge of organization's enterprise information security architecture system.
• Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs.
• Knowledge of new and emerging and cyber security technologies.
  
  

Preferred Qualifications

PREFERRED QUALIFICATIONS

• General Info Security: Intelligence-Driven Detection, Security Principles, Threat Lifecycle Management, Incident Management & Lifecycle, Platform Analysis, Forensics & Investigations, NSM, DFIR
• Cyber SOC Process Management: Overall Process Design & SOC Teamwork, Collaboration and independent contributions
• Preferred certifications: CISSP, GCIH, Linux or LPI, Security , Network , CCNA, CCNP
• Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.
• Demonstrated knowledge of cyber defense policies, procedures, and regulations.
• Knowledge of specific operational impacts of cybersecurity lapses.
  
  

Benefits

• Annual salary will vary based on a candidate's skills, qualifications, experience, and other factors:USD $132,000.00/Yr. - USD $198,000.00/Yr.
• Annual Bonus for eligible positions: 20%
• 401(k) match and annual company contribution
• Medical, Dental and Vision Insurance
• Life and disability insurance
• Generous paid time off options, including vacation, sick time, floating and fixed holidays, maternity leave and bonding/primary caregiver leave or parental leave (based on position)
• Long Term Incentive Plan for eligible positions
• Wellbeing programs such as tuition reimbursement, adoption assistance and fitness reimbursement
• Referral bonus program
• And much more