Sr Cyber Defense Incident Responder

Location: OWINGS MILLS, MD, United States
Organization: Exelon Business Servcs Co, LLC
Job ID: 224453
Date Posted: Apr 3, 2020

Job Description

Description

PRIMARY PURPOSE OF POSITION:

Provides technical expertise to perform Tier 1/2 Cyber Security Incident Handling, Response and Remediation.

Contributes to the design, development and improvement of cyber security capabilities used to investigate, identify and actively defend Exelon infrastructure against cyber security threats. Works closely with Cyber Security Operations Center (CSOC) Tier 1 team, Supervisor, and Manager.

MAJOR ACCOUNTABILITIES:
- Perform and document work activities relating to Tier 1/2 CSOC Incident Response investigations and identification of indicators of malware and persistent threats. Perform activities required to manage service level agreements.
- Work closely with CSOC Supervisor to coordinate activities and services.
- Support the identification, containment, eradication, & recovery of Tier 2 incidents.
- Coordinate and provide technical support to resolve cyber security incidents. Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation. Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
- Coordinate incident response functions. Perform cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation. Track and document cyber defense incidents from initial detection through final resolution. Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
- Update Incident Management & trouble tickets, providing timely & accurate status updates of ongoing activities.
- Recommend short & long term adjustments to controls for immediate & future identification, containment & remediation.
- Provide direction on tuning of signatures, rules, alerts, and use cases.
- Contribute to IR process definition & development & maintenance of documented procedures, including process integration with managed security service providers, 3rd party vendors, internal IT organizations, & business units. Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate

POSITION SCOPE:
Provide cyber security Incident Handling & Response services to Exelon by serving in a front-line role for information security incidents. Respond to disruptions within the pertinent domain to mitigate immediate and potential threats. Use mitigation, preparedness, response and recovery approaches to maximize preservation of property and information security. Investigate and analyze relevant response activities and evaluate the effectiveness of and improvements to existing practices.

Qualifications

POSITION SPECIFICATIONS

Minimum:

- 5+ years of diverse experience in cyber security or equivalent combination of relevant education and work experience.
- Knowledge of how network services and protocols interact to provide network communications.
- Knowledge of incident categories and incident response lifecycle.
- Knowledge of incident response handling methodologies.
- Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies.
- Knowledge of network protocols TCP/IP, DHCP, and directory services (e.g., DNS).
- Knowledge of network traffic analysis methods.
- Knowledge of packet-level analysis.
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, SQL injection, malicious code, etc.).
- Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
- Knowledge of basic system administration, network, and operating system hardening techniques.
- Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).

Preferred:
- BS or MS Graduate degree in cyber security or related area of expertise.
- Relevant cyber security certifications including but not limited to: GIAC Continuous Monitoring Certification – GMON, GIAC Certified Intrusion Analyst – GCIA, GIAC Certified Incident Handler – GCIH, GIAC Security Essentials Certificate – GSEC.
- Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.
- Direct experience in network security (SOC, SIRT, CSIRT) investigating targeted intrusions through complex network segments.
- Demonstrated skill of identifying, capturing, containing, and reporting malware.
- Familiarity with cyber security frameworks including MITRE ATT&CK, NIST, Cyber Kill Chain, etc.
- Skill in using security event correlation tools.
- Demonstrated knowledge of cyber defense policies, procedures, and regulations.
