Sr Cyber Def Threat Intelligence Analyst
Description
Be a part of something powerful at America's premier energy provider!
At Exelon, we are united by our values and shared vision for a cleaner and brighter future. We encourage curiosity, value diverse perspectives and we never stop looking for ways to be, work and do better. We know the future is in our hands. That's why we're looking for people like you, who have the power to make a difference.
As the nation's largest utility company, we serve more than 10 million customers through six fully regulated transmission and distribution utilities: Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco). All 18,000 of us are committed to delivering safe, reliable and affordable energy to our customers, strengthening our communities, supporting a clean energy future and reducing our impact on the changing climate.
Our people are the heart and soul of our business. Whether it's powering lives, supporting communities or collaborating with colleagues, an Exelon employee is talented, compassionate, forward-thinking and inspired. We are empowered to evolve and advance our careers in an open and inclusive environment. We pride ourselves on being the kind of place where people want to come and stay. We know that investing in our employees' futures strengthens ours, which is why we offer competitive compensation, incentives and health and retirement benefits.
PRIMARY PURPOSE OF POSITION
The Senior Cyber Defense Threat Intelligence Analyst (CDTIA) identifies, collects, and monitors appropriate cyber threat intelligence information from various sources to analyze, fuse, and provide actionable intelligence reports and briefings to cyber defense and other information technology security teams. The CDTIA collaborates with Joint Security Operations Center (JSOC) teams to operationalize cyber threat intelligence in support of defending Exelon IT and supporting infrastructure against Advanced Persistent Threats. The CDTIA works closely with Incident Response, Incident Monitoring, Forensics, Systems Engineering, and Enterprise Technology cyber security teams to provide security control services to the business.
| Item | Accountability | % |
|------|----------------|---|
| 1 | Identify and monitor cyber threat intelligence sources to provide actionable intelligence to the Joint Security Operations Center (JSOC) teams. Work closely with JSOC teams to identify and evaluate potential countermeasures and defenses. | 60 |
| 2 | Support corporate end-to-end intelligence efforts through expert analysis and reporting of cyber threat intelligence and associated data. | 20 |
| 3 | Support the identification, containment, and eradication of cyber threats of all sophistication levels (Commodity Malware to Advanced Persistent Threat (APT)). | 10 |
| 4 | Recommend short- & long-term adjustments to controls for immediate & future identification, containment & remediation. | 5 |
| 5 | Provide direction on tuning of signatures, rules, alerts, parsers, & custom scripts. | 5 |
Qualifications
POSITION SPECIFICATIONS
Minimum:
Preferred
- Bachelor's Degree in Computer Science or a related 4-year technical degree or equivalent military / government experience and typically 5 or more years of solid, diverse experience in IT, cybersecurity, or equivalent combination of education and work experience.
- Minimum 3 years of experience in: Cyber Operations, Threat Intelligence, or Incident Response roles.
- One or more of the following: GIAC Certified Intrusion Analyst - GCIA, GIAC Certified Incident Handler - GCIH, GIAC Network Forensic Analyst - GNFA, Offensive Security Certified Professional - OSCP
- Experience in network security environment (Security Operations Center, Security Incident Response Team, or Cyber Security Incident Response) investigating targeted intrusions through complex network segments or experience in operational technology engineering and security concepts
- Graduate degree in cyber security or related area of expertise.
- Minimum 3 years of experience supporting the energy sector
POSITION SCOPE
Provide Cyber Threat Intelligence, Incident Handling & Response services to Exelon by serving in a front-line role for information security incidents.