Description

Be a part of something powerful at America's premier energy provider!

At Exelon, we are united by our values and shared vision for a cleaner and brighter future. We encourage curiosity, value diverse perspectives and we never stop looking for ways to be, work and do better. We know the future is in our hands. That's why we're looking for people like you, who have the power to make a difference.

As the nation's largest utility company, we serve more than 10 million customers through six fully regulated transmission and distribution utilities: Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco). All 18,000 of us are committed to delivering safe, reliable and affordable energy to our customers, strengthening our communities, supporting a clean energy future and reducing our impact on the changing climate.

Our people are the heart and soul of our business. Whether it's powering lives, supporting communities or collaborating with colleagues, an Exelon employee is talented, compassionate, forward-thinking and inspired. We are empowered to evolve and advance our careers in an open and inclusive environment. We pride ourselves on being the kind of place where people want to come and stay. We know that investing in our employees' futures strengthens ours, which is why we offer competitive compensation, incentives and health and retirement benefits.

PRIMARY PURPOSE OF POSITION

As Cyber Defense Engineering Team Supervisor, leads advanced architectural efforts for team and mentors/assists junior team members with operational tasks as needed. Responsible for the maintenance and operation of the SOC and for providing targeted security advisory services. Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware, software, and documentation that are required to effectively manage network defense. Team members are also responsible for performing off hours support including, responding to off hours support calls, and performing off hours upgrades and break-fix work when necessary to sustain ongoing operations.

PRIMARY DUTIES AND ACCOUNTABILITIES

• Supervise Cyber Defense Systems Engineers. Continually monitor, refine & improve upon the security technologies utilized by the SOC. Perform system administration on specialized cyber defense applications and systems (e.g., anti-virus, SIEM, appliances) to include installation, configuration, maintenance, backup and restoration. Build, install, configure, and test dedicated cyber defense hardware. (30%)
• Provide Log & Monitoring Design Services. Identify potential conflicts with implementation of any cyber defense tools(e.g., tool and signature testing and optimization). (30%)
• Deploy new data source feeds into SIEM & develops initial content for monitoring. Monitor SIEM infrastructure performance (10%)
• Provide Security Advisory Services. Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources. (10%)
• Responsible for SOC capacity planning. Responsible for SOC Release Management & SOC Change Management (10%)
• Assure that all equipment, systems, applications & appliances of threat & vulnerability management technologies are available & running effectively. Assist in assessing the impact of implementing and sustaining a dedicated cyber defense infrastructure. (5%)
• Lead projects to further enhance security technologies, practices, processes (5%)

JOB SCOPE

Provides direction as a team lead. Enables the Cyber SOC to meet key performance metrics supporting the security event logging and monitoring of Exelon's critical infrastructure. Responsible for the creation of content for use in monitoring toolsets while maintaining a uniform view of security monitoring architecture. Tests, implements, deploys, maintains, and administers the infrastructure hardware and software.

Qualifications
MINIMUM QUALIFICATIONS

• Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 5 to 8 years of solid, diverse experience in cyber security systems operations, or equivalent combination of education and work experience.
• Knowledge in the following core technical competencies: Operations, Engineering, Content Development, Internetworking, TCP, IP & Boolean Logic
• Knowledge of SOC tools including but not limited to; SIEM, anomaly detection, and IPS/IDS
• Knowledge of SOC processes and SOC Engineering.
• Knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools.
• Knowledge of how network services and protocols interact to provide network communications.
• Knowledge of Security principles such as Threat Lifecycle Management & Incident Management & Lifecycle.
• Knowledge of network protocols (e.g., Transmission Control Protocol/Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]), and directory services (e.g., Domain Name System [DNS]).
• Knowledge of network traffic analysis methods.
• Knowledge of packet-level analysis.
• Knowledge of basic system administration, network, and operating system hardening techniques.
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
• Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
• Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
• Skill in tuning sensors.
• Skill in securing network communications.
• Skill in protecting a network against malware.
• Knowledge of cyber defense policies, procedures, and regulations.
• Knowledge of test procedures, principles, and methodologies (e.g., Capabilities and Maturity Model Integration (CMMI)).
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Knowledge of basic system, network, and OS hardening techniques.
• Skill in system, network, and OS hardening techniques.

PREFERRED QUALIFICATIONS

• Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff
• CISSP designation
• Skill in using security event correlation tools.
• Demonstrated knowledge of cyber defense policies, procedures, and regulations.
• Demonstrated advanced knowledge in the area of Cyber SOC operations; particularly in Cyber Security Systems Engineering