2022 Exelon Hiring Update
Our hiring process looks a bit different today as a result of the COVID-19 pandemic, with virtual interviewing and other solutions in place to facilitate proper social distancing, we remain focused on powering possibilities for new talent who are ready to join us in making a difference.

Exelon was recently separated into two publicly traded companies, Exelon and Constellation. Exelon is the parent company for our fully regulated transmission and distribution utilities, delivering electricity and natural gas to more than 10 million customers. Constellation is the largest supplier of clean energy and sustainable solutions to homes, businesses and public-sector customers across the continental U.S., backed by more than 31,000 megawatts of generating capacity consisting of nuclear, wind, solar, natural gas and hydro assets. If you are looking for career opportunities in commercial, generation or home services, please visit jobs.constellationenergy.com for more information.

Back to Search Results
Previous Opportunity Next Opportunity

Manager Real Time Systems Security Engineering

This job posting is no longer active.

Location: WASHINGTON, DC, United States
Organization: Exelon Business Servcs Co, LLC
Job ID: 239057
Date Posted: May 21, 2022
Job: Security

Share: mail

Job Description

Description

At Exelon, we've got a place for you!

Join the nation's leading competitive energy provider, with one of the largest electricity generation portfolios and retail customer bases in the country. You will be part of a family of companies that strives for the highest standards of power generation, competitive energy sales, and energy delivery. Our team of outstanding professionals is focused on performance, thought leadership, innovation, and the power of ideas that come from a diverse and inclusive workforce.

Exelon will provide you the tools and resources you need to design, build and enhance a successful career. We are also dedicated to motivating the success of our employees through competitive base salary, incentives, and health and retirement benefits.

Join Exelon and share your passion at a forward-thinking Fortune 100 company. Establish yourself in a place where you can truly shine and create a brighter, more sustainable tomorrow. Energize your career at Exelon!

PRIMARY PURPOSE OF POSITION

The Manager Real-Time Systems Security Engineering (RTSSE) partners with Real Time Systems (RTS), Operational Technology (OT), Industrial Control Systems (ICS), aviation, and business teams to provide expert leadership to drive security architecture and engineering solutions by weighing the advantages of security technology standards, market availability of products, and risks and benefits of security technology introduction into Exelon’s RTS, OT, and ICS environments.  The Manager RTSSE provides comprehensive consultation to business units, aviation teams, and RTS/OT/ICS management and staff at the highest technical level throughout the Systems Development Life Cycle. The Manager RTSSE develops and maintains business, systems, and RTS/OT/ICS processes to support operations needs and requirements and translates technology and environmental conditions (e.g., law and regulation) into RTS/OT/ICS rules and requirements that describe baseline and target security architectures and engineering parameters. The Manager RTSSE is responsible for ensuring security architecture and engineering requirements for all RTS/OT/ICS and aviation cyber security projects throughout the development life cycle. The RTSSE operates independently with little or no direct supervision.

 

PRIMARY DUTIES AND ACCOUNTABILITIES

 Item

Accountability

%

1

Provide technical and security expertise to RTS/OT/ICS, aviation, and operations teams to identify security technology solutions and develop RTS/OT/ICS and aviation security engineering design specifications and strategies to achieve business results.  Ensure appropriate implementation of security technology and reference architectures within both the development and production environments.  Analyze user needs and security design requirements.    

30

2

Design and develop RTS/OT/ICS and aviation security engineering design specifications and strategy for all aspects of the security domain in alignment with the business strategy and goals. Develop/integrate cybersecurity designs for RTS/OT/ICS systems and networks with security zone requirements.  Provide input on security requirements to be included in statements of work and other appropriate procurement documents.    

20

3

Provide RTS/OT/ICS technical guidance and security expertise in the areas of security risk management and assessment, security policies and standards, NERC CIP and CFATS compliance requirements, and security architecture and engineering designs and implementations.

20

4

Provide technology and security expertise and advice to RTS/OT/ICS and aviation leadership in the development of strategic security technology and plans to support business strategies.  Translate proposed capabilities into technical requirements.          

10

5

Establish, maintain, and enhance relationships with business, aviation, and RTS/OT/ICS partners.  Communicate status to key stakeholders on a regular basis.

10

6

Maintain awareness of trends and issues in area of security expertise, evaluate new security technologies or technology opportunities, and provide analysis of their potential impact to advantage the business.

10

Qualifications

POSITION SPECIFICATIONS

Minimum:

Preferred:
  • Bachelor’s Degree in Computer Science, Operational Technology (OT), engineering, or a related discipline, and typically 8 or more years of solid, diverse experience in cyber security architecture and design, or equivalent combination of education and work experience.
  • Graduate degree in cyber security, engineering, or related area of expertise.
  • Relevant security certifications (CISSP, CISM, GICSP)
  • Appropriate technical skills and in-depth knowledge of business unit functions and applications, including:

 

    • Knowledge of Risk Management Framework (RMF) requirements
    • Knowledge of system fault tolerance methodologies
    • Knowledge of incident response and handling methodologies.
    • Knowledge of network security architecture concepts including topology, protocols, components, and principles
    • Knowledge of authentication, authorization, and access control methods.            
    • Knowledge of cryptography and cryptographic key management concepts   
    • Knowledge of database systems                               
    • Knowledge of embedded systems
    • Knowledge of how system components are installed, integrated, and optimized
    • Knowledge of ICS supply chain security and risk management policies, requirements, and procedure
    • Knowledge of human-computer interaction principle
    • Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)             
    • Ability to design architectures and frameworks         
    • Skill in applying cybersecurity methods, such as firewalls, demilitarized zones, and encryption                         
    • Knowledge of network access, identity, and access
    • Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services      
    • Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs
    • Knowledge of parallel and distributed computing concepts          
    • Knowledge of key concepts in security management (e.g., Release Management, Patch Management).  
    • Knowledge of configuration management techniques
    • Knowledge of disaster recovery continuity of operations plans

 

 
  • Appropriate technical skills and in-depth knowledge of business unit functions and applications, including:
    • Demonstrated experience and subject matter knowledge of SCADA, ICS, Distribution Automation, Smart Grid, DMS, and ECS systems architecture.
    • Experience in analyzing Basic Process Control Systems (BPCS), Safety Instrumented Systems (SIS), and Fire & Gas (F&G) systems
    • Demonstrated experience in aviation, cabin management systems and avionics
    • Demonstrated experience in security risk assessments, requirements development, secure design analysis, architecture assessment and development, and security testing of applications and systems.
    • Extensive experience developing, evaluating, and implementing ICS security architectures, technologies, standards, and practices to secure applications and OT systems.
    • Demonstrated knowledge and experience in the implementation of governance frameworks and security risk management processes, such as NIST, ISO, ISA99, IEC 62443 guidelines and standards.
    • Demonstrated experience in addressing regulatory compliance for the security requirements in applicable laws and regulations, such as NERC CIP, CFATS.
    • Demonstrated experience and subject matter knowledge in cyber security for applications, web architectures, operating systems, databases, and networks.
    • Knowledge and experience in application security standards, methodologies, and technologies.
    • Solid capability to assess network architectures and operating systems for vulnerabilities and develop appropriate security countermeasures.
    • Solid knowledge and experience with OT security aspects of operating systems, embedded operating systems, and Programmable Logic Controllers (PLC).
    • Experience in assessing security applications and systems, such as Cisco firewalls, security appliances, IDS/IPS, SSL or TLS, IPSec.
    • Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.
  • Comprehensive understanding of change management

techniques associated with new technology

implementation.

 
  • Demonstrated experience producing an economic business case.

 
  • Demonstrated leadership ability.

 
  • Proven analytical, problem solving, and consulting skills.

 
  • Excellent communication skills and the proven ability to work effectively with all levels of OT, aviation, and business management.

 

 

POSITION SCOPE

The Manager Real-Time Systems Security Engineer (RTSSE) provides cyber and RTS/OT/ICS security engineering expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. The Manager RTSSE develops security design specifications, conducts security risk assessments, designs security solutions, evaluates application and system architectures, and develops and reviews appropriate RTS/OT/ICS security architecture policies and standards.  The Manager RTSSE leads and manages the RTS/OT/ICS security architecture and business initiatives and projects to assist in mitigating security risks for operational applications and systems. This role serves as a senior technical staff member who provides technical RTS/OT/ICS security architecture expertise and guidance to team members and collaborates with other RTS/OT/ICS teams to address and resolve security issues. 

Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.

VEVRAA Federal Contractor

EEO is the Law Poster

 

Share: mail
 

Frequent Job Searches

Recently Viewed Jobs

Most Recent Job Searches

Relevant Jobs

Personalize this site