Sr. Cyber Security Analyst - IT

Job Description

Description

We're powering a cleaner, brighter future.

Exelon is leading the energy transformation, and we're calling all problem solvers, innovators, community builders and change makers. Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient.

We're powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service. We are a Fortune 200 company, 19,000 colleagues strong serving more than 10 million customers at six energy companies -- Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco).

In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking. And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career.

Are you in?

POSTION SUMMARY

This position is a lead role on an application support team that owns/supports a wide variety of security and remote-access tools. As an application lead, you will be responsible directing the work of the members of your team, coaching junior members, and setting goals for your application and team. In this role you will be involved with the design, patching, and day-to-day support of the tools that we own. Some of those tools support activities like log collection, system configuration monitoring, automated password management endpoint application control, and remote-access systems to our field devices that make up the critical infrastructure of Exelon’s electric and gas systems. You will be involved in Exelon’s NERC-CIP and TSA Gas Directive compliance programs and will use our team’s tools to automate solutions to meet these regulatory requirements. The position is a hybrid position and most duties do not require a continuous “in the office” presence, but our team routinely meets in their region as required for operational and project demands. You will be expected to be responsive and ready to support while at home or in the office. Due to this position supporting Exelon’s critical infrastructure, “on-call” rotations exist to respond to issues that may occur with the applications we support.

PRIMARY PURPOSE OF POSITION

Has in-depth technical Knowledge and expertise to support delivery and maintenance of IT Cyber security and network solutions. Partner with IT teams across the organization and business lead projects or project steps related to cyber security and/or network solutions. Individual will be responsible to select or innovate technology solutions by weighing the advantages of technology standards, risks, benefits to meet complex business/IT needs. In addition will be relied upon to mentor and support colleagues with less expensive.

PRIMARY DUTIES AND ACCOUNTABILITIES

• Provide technical expertise for maintaining performance and reliability of key IT solutions. (35%)

• Assist in development of projects by sharing expertise on current systems and processes. Ensure appropriate planning, testing, and implementation of technology both within the development and production environments. (15%)

• Drive innovation across the organization by identifying and providing analysis of trends and issues with the goal to drive new business opportunities and solve complex business problems. (25%)

• Maintain and enhance engagement with business and IT partners. (10%)

• Maintain technical knowledge and business acumen within own discipline or function (5%)

• Actively participate and maintain required qualifications and/or certifications for job role (5%)

• Ability to provide on-call support after normal business hours (5%)

JOB SCOPE

• In-Depth knowledge of cyber security practices for an enterprise environment

• In-Depth knowledge of cyber security practices for an enterprise computer networking concepts and protocols, and network security methodologies

• In-Depth knowledge of firewall operations

• Promotes and shares professional knowledge via seminars, presentations, and publications within your community (i.e. department, peers, educational institutions)

• Works under minimal supervision

LI# - Onsite

Qualifications

MINIMUM QUALIFICATIONS

• Bachelors degree in Computer Science or related discipline and 5 to 8 years experience in the IT industry or 9 - 12 years of equivalent combination of education and work experience.

• Demonstrate technical depth in required discipline

• Excellent communications skills - Able to effectively communicate highly technical information in non- technical terminology (written and verbal).

• Understanding of change management processes associated with technology implementations

• Demonstrated leadership skills, ability to mentor less experienced colleagues.

• Understanding of project management principles

• Flexible and adaptable to changing priorities, based on business needs

• In-Depth knowledge of Server and Workstation Operating Systems (Windows / Linux), along with command prompt knowledge

• In-Depth knowledge in IP based switching, routing, and network environments (Cisco)

• In-Depth knowledge of computer networking concepts and protocols, and network security methodologies.

• In-Depth knowledge of firewall operations (Cisco & Checkpoint)

• In-Depth knowledge of cyber security practices for an enterprise environment

PREFERRED QUALIFICATIONS

• Experience leading application teams and IT project work. This position requires the ownership and maintenance of Exelon’s security IT applications our team supports in a federal government regulated environment.

• Bachelor’s Degree or equivalent professional experience building and supporting IT Security applications

• Project Management Professional (PMP) certification or demonstratable professional experience managing IT projects

• Certification in an area of expertise specializing in one or more of the following applications: Cyberark, Splunk, Tripwire, Aruba Clearpass, Siemens Crossbow, RSA, or Carbon Black

• Expert experience administering enterprise level Windows and/or Linux based environments.

• Responsible for installing software, updates, and security patches on critical applications. (Cyberark, Splunk, Tripwire, Aruba Clearpass, Siemens Crossbow, and Carbon Black)

• Network knowledge for troubleshooting, designing, and implementing firewall polices

• PowerShell scripting or Shell Scripting to automate routine data collection into our wide range of security tools we manage. Knowledge of leveraging application API’s and other data interfaces.

• Knowledge of the NERC CIP standards and their implementation to protect critical IT Systems

• Experience coordinating with team members to leverage a wide array of skillsets and ensuring project deliverables are met on time

• Incident Response, and End User Education

• In-Depth knowledge of Security Information Event Management (SIEM) solutions (ex. Splunk, Nitro, Industrial Defender)

• Certified Information Systems Security Professional CISSP

• Experience with File Integrity Monitoring (FIM) and Configuration Management Monitoring Solutions