Description

We're powering a cleaner, brighter future.
Exelon is leading the energy transformation, and we're calling all problem solvers, innovators, community builders and change makers. Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient.
We're powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service. We are a Fortune 200 company, 19,000 colleagues strong serving more than 10 million customers at six energy companies - Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco).
In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking. And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career.
Are you in?
PRIMARY PURPOSE OF POSITION

As Cyber Defense Engineering Team Supervisor, leads advanced architectural efforts for team and mentors/assists junior team members with operational tasks as needed. Responsible for the maintenance and operation of the SOC and for providing targeted security advisory services. Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware, software, and documentation that are required to effectively manage network defense. Team members are also responsible for performing off hours support including, responding to off hours support calls, and performing off hours upgrades and break-fix work when necessary to sustain ongoing operations.

Note: This is a flex position meaning this role will be part remote and part in the office. This role is a HYBRID position - candidates must reside in one of the following states - IL, PA, NJ, DE, MD or Washington DC. This role is not eligible for relocation assistance.

PRIMARY DUTIES AND ACCOUNTABILITIES

• Supervise Cyber Defense Systems Engineers. Continually monitor, refine & improve upon the security technologies utilized by the SOC. Perform system administration on specialized cyber defense applications and systems (e.g., anti-virus, SIEM, appliances) to include installation, configuration, maintenance, backup and restoration. Build, install, configure, and test dedicated cyber defense hardware.
• Provide Log & Monitoring Design Services. Identify potential conflicts with implementation of any cyber defense tools(e.g., tool and signature testing and optimization).
• Deploy new data source feeds into SIEM & develops initial content for monitoring. Monitor SIEM infrastructure performance
• Provide Security Advisory Services. Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.
• Responsible for SOC capacity planning. Responsible for SOC Release Management & SOC Change Management
• Assure that all equipment, systems, applications & appliances of threat & vulnerability management technologies are available & running effectively. Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure.
• Lead projects to further enhance security technologies, practices, processes

JOB SCOPE

Provides direction as a team lead. Enables the Cyber SOC to meet key performance metrics supporting the security event logging and monitoring of Exelon's critical infrastructure. Responsible for the creation of content for use in monitoring toolsets while maintaining a uniform view of security monitoring architecture. Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.

Qualifications

• Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 5 to 8 years of solid, diverse experience in cyber security systems operations, or equivalent combination of education and work experience.
• Knowledge in the following core technical competencies: Operations, Engineering, Content Development, Internetworking, TCP, IP & Boolean Logic
• Knowledge of SOC tools including but not limited to; SIEM, anomaly detection, and IPS/IDS
• Knowledge of SOC processes and SOC Engineering.
• Knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools.
• Knowledge of how network services and protocols interact to provide network communications.
• Knowledge of Security principles such as Threat Lifecycle Management & Incident Management & Lifecycle.
• Knowledge of network protocols (e.g., Transmission Control Protocol/Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]), and directory services (e.g., Domain Name System [DNS]).
• Knowledge of network traffic analysis methods.
• Knowledge of packet-level analysis.
• Knowledge of basic system administration, network, and operating system hardening techniques.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
• Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
• Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
• Skill in tuning sensors.
• Skill in securing network communications.
• Skill in protecting a network against malware.
• Knowledge of cyber defense policies, procedures, and regulations.
• Knowledge of test procedures, principles, and methodologies (e.g., Capabilities and Maturity Model Integration (CMMI)).
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Knowledge of basic system, network, and OS hardening techniques.
• Skill in system, network, and OS hardening techniques.

• Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff
• CISSP designation
• Skill in using security event correlation tools.
• Demonstrated knowledge of cyber defense policies, procedures, and regulations.
• Demonstrated advanced knowledge in the area of Cyber SOC operations; particularly in Cyber Security Systems Engineering