Sr. Insider Risk Cyber Engineer

Job Description

Description

At Exelon, we've got a place for you!
 
Join the nation's leading competitive energy provider, with one of the largest electricity generation portfolios and retail customer bases in the country. You will be part of a family of companies that strives for the highest standards of power generation, competitive energy sales, and energy delivery. Our team of outstanding professionals is focused on performance, thought leadership, innovation, and the power of ideas that come from a diverse and inclusive workforce.
 
Exelon will provide you the tools and resources you need to design, build and enhance a successful career. We are also dedicated to motivating the success of our employees through competitive base salary, incentives, and health and retirement benefits.
 
Join Exelon and share your passion at a forward-thinking Fortune 100 company. Establish yourself in a place where you can truly shine and create a brighter, more sustainable tomorrow. Energize your career at Exelon!

PRIMARY PURPOSE OF POSITION
As a member of the Insider Threat Program (ITP) team, analyze data in UEBA, SIEM and log aggregation tools to detect, identify and defend Exelon employees and assets against malacious activity. Lead the development and tuning of UEBA rules and models to monitor, detect and respond to data loss, asset misuse, and IT system sabotage. Work closely with cyber and physical security teams to investigate insider threat incidents.
    
MAJOR ACCOUNTABILITIES
- Develop, enhance, and tune UEBA rules and models, data parsers, and context tables. 40%
- Perform analysis of UEBA alerts, correlating data across the cyber security toolset, to prevent, detect, and mitigate potential insider threats. 40%
- Participate in threat hunting operations to detect vulnerabilities and insider threat activity. 10%
- Provide insider risk research and advisory services. 5%
- Assist in the development of policy, processes, procedures an associated metrics. 5%

Qualifications

Required:

- Bachelor’s degree in computer science or a related 4-year technical degree with 5 to 8 years of experience in insider threat, cyber security, or IT, or equivalent combination of education and work experience.
- 5+ years experience supporting complex network architecture at enterprise level
- Prior experience with UEBA applications, preferabbly Exabeam
- Has foundational experience in Security Operations
- Strong analytical and technical skills in computer network defense operations, experience with Incident Handling (Detection, Analysis, Triage) 
- Knowledge of design processes, to include understanding of security objectives, operational objectives, and tradeoffs
- Signatures, rules, and content development and deployment
- Demonstrable experience with scripting languages that may include BASH, PowerShell, Python, PERL, RUBY
- A working knowledge of the various operating systems (Windows, OS X, Linux)
- Knowledge of common network protocols: TCP, IP, UDP, ICMP, SMTP, DNS, DHCP, SQL, HTTP, HTTPS, SSH, FTP, etc
- Experience with security technologies such as SIEM, Endpoint Protection, and log collection
- Conceptual understanding of Cyber Hunting
- Strong verbal and written communication skills. Candidate must be able to effectively convey complex technical information to both technical and non-technical audiences including investigators, senior management, team members and others
- Demonstrated problem solving skills. Candidate must possess strong analytical skills to identify complex security issues.

Preferred:
- 3+ years of direct insider risk analysis experience 
- Demonstrated skill in administration and tuning of rules in Exabeam
- CISSP,  SANS GIAC, or other relevant certification
- Knowledge of insider risk program requirements and development, including legal and regulatory concerns.
- Prior experience at an electrical utility and with NERC CIP compliance

Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.
 
VEVRAA Federal Contractor
 
EEO is the Law