Sr Cyber Def Anlst-Real Time

Description

We're powering a cleaner, brighter future.

Exelon is leading the energy transformation, and we're calling all problem solvers, innovators, community builders and change makers. Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient.

We're powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service. We are a Fortune 200 company, 19,000 colleagues strong serving more than 10 million customers at six energy companies -- Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco).

In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking. And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career.

Are you in?

Primary Purpose of Position

Perform the security monitoring process and escalate relevant issues to the Cyber Defense Team Lead – Real Time. Identify potential security incidents and forward to the appropriate team for further analysis. Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs.) to analyze events that occur within their environments for the purposes of mitigating threats.

Note: This is a hybrid position (in-office with remote flexibility). Employees are required to be in office at least three days per week (Tuesday, Wednesday, and Thursday).

Primary Duties and Accountibilities

Perform cyber security monitoring of Industrial Control/SCADA systems with established monitoring tools including Industrial Defender and Splunk

Perform network traffic monitoring for anomalous traffic patterns using Network Intrusion Detection Systems (NIDS)

Interface with various business entities to determine nature of detected cyber events, perform detailed analysis on cyber events and advise entities on methods to improve security posture

Create detailed documentation on use of monitoring systems, topology and details of business entity ICS/SCADA systems, and performance of NERC CIP logging monitoring and alerting processes

Provide daily summary reports of network events and activity relevant to cyber defense practices. Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.

Remain up-to-date on the latest security information in order to validate the security analysis & identification capabilities of the security operations technologies

Provide guidance and assistance for less experienced security monitoring analysts

POSITION SCOPE:

Provide near real-time monitoring of business centric risks to Exelon by identifying potential security incidents from security alerts.

Qualifications

Minimum Qualification

Bachelor’s Degree in Computer Science or a related 4-year technical degree, with 5 to 8 years of experience in IT or cyber security, or equivalent combination of education and work experience.

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

Knowledge of cyber defense and vulnerability assessment tools, including open source tools, and their capabilities.

Skill in performing packet-level analysis (e.g., Wireshark, tcpdump, etc.).

Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools

Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.

Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies. Comprehensive knowledge of common networking protocols: HTTP, DNS, DHCP, SMTP, NTP, SSH, FTP.

Preferred Qualification

Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]).

Knowledge of cryptography and cryptographic key management concepts.

Knowledge of incident response and handling methodologies.

Knowledge of penetration testing principles, tools, and techniques.

Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.

Benefits

Annual salary will vary based on a candidate's skills, qualifications, experience, and other factors: $103,200-$154,800

Annual bonus and incentive pay up to 15%

401(k) match and annual company contribution

Medical, Dental and Vision Insurance

Life and disability insurance

Generous paid time off, including vacation, floating and fixed holidays and sick time

Maternity leave as well as paid bonding/primary caregiver leave or parental leave for the birth or adoption of a child or to care for an ill family member, as applicable (eligibility based on position)

Long Term Incentive Plan for eligible positions

Wellbeing programs such as tuition reimbursement, adoption assistance and fitness reimbursement

Referral bonus program

And much more

REQNUMBER: 252925

Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law. If you are an individual with a disability and need an accommodation to complete the application, please email us at [email protected].