This job posting is no longer active.
Location: BALTIMORE, MD, United States
Organization: Exelon Business Servcs Co, LLC
Job ID: 235889
Date Posted: Feb 10, 2022
Job: Information Technology - Staff
Description
At Exelon, we've got a place for you!
Join the nation's leading competitive energy provider, with one of the largest electricity generation portfolios and retail customer bases in the country. You will be part of a family of companies that strives for the highest standards of power generation, competitive energy sales, and energy delivery. Our team of outstanding professionals is focused on performance, thought leadership, innovation, and the power of ideas that come from a diverse and inclusive workforce.
Exelon will provide you the tools and resources you need to design, build and enhance a successful career. We are also dedicated to motivating the success of our employees through competitive base salary, incentives, and health and retirement benefits.
Join Exelon and share your passion at a forward-thinking Fortune 100 company. Establish yourself in a place where you can truly shine and create a brighter, more sustainable tomorrow. Energize your career at Exelon!
Provides deep technical expertise for Level 2/3 Cyber Security Incident Handling, Response and Remediation.
Designs, develops and implements cyber security capabilities to investigate, identify and actively defend Exelon infrastructure against Advanced Persistent Cyber Threats. Works closely with the Incident Handling and Response Team Lead, Security Monitoring and Forensic Analysis teams to meet/exceed service levels.
| Item | Accountability | % |
|---|---|---|
| 1 | Perform and document work activities relating to level 2/3 CyberSOC Incident Response, Active Defense Cyber investigations and identification of indicators of advanced malware and persistent threats. Perform activities required to manage service level agreements. Work closely with Cyber Defense Incident Response Team Lead, Digital Forensics & eDiscovery Team Lead, Security Monitoring Team Lead to coordinate activities and services. | 50 |
| 2 | Support the identification, containment, eradication, & recovery of sophisticated level 2/3 incidents. Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents. Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation. Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security. Coordinate incident response functions. Perform cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation. Track and document cyber defense incidents from initial detection through final resolution. Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise. | 30 |
| 3 | Update Incident Management & trouble tickets, providing timely & accurate status updates of ongoing activities. | 5 |
| 4 | Recommend short & long term adjustments to controls for immediate & future identification, containment & remediation. Coordinate with intelligence analysts to correlate threat assessment data. | 5 |
| 5 | Provide direction on tuning of signatures, rules, alerts, parsers, & custom scripts. | 5 |
| 6 | Contribute to IR process definition & development & maintenance of documented procedures, including process integration with managed security service providers, 3rd party vendors, internal IT organizations, & business units. Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies. Perform cyber defense trend analysis and reporting. | 5 |
Qualifications
Minimum:
Preferred:
POSITION SCOPE
Provide computer security Incident Handling & Response services to Exelon by serving in a front-line role for information security incidents. Responds to disruptions within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches to maximize survival of life, preservation of property, and information security. Investigates and analyzes relevant response activities and evaluates the effectiveness of and improvements to existing practices.
Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.
VEVRAA Federal Contractor