2022 Exelon Hiring Update
Our hiring process looks a bit different today as a result of the COVID-19 pandemic. With 100 percent virtual interviewing and other solutions in place to facilitate proper social distancing, we remain focused on powering possibilities for new talent who are ready to join us in making a difference. Those who apply for employment with Exelon must be fully vaccinated against COVID-19 as a condition of hire (i.e., have received two doses of a two-dose vaccine, or one dose of a single-dose vaccine), subject to approved requests for exemption.

Exelon was recently separated into two publicly traded companies, Exelon and Constellation. Exelon is the parent company for our fully regulated transmission and distribution utilities, delivering electricity and natural gas to more than 10 million customers. Constellation is the largest supplier of clean energy and sustainable solutions to homes, businesses and public-sector customers across the continental U.S., backed by more than 31,000 megawatts of generating capacity consisting of nuclear, wind, solar, natural gas and hydro assets. If you are looking for career opportunities in commercial, generation or home services, please visit jobs.constellationenergy.com for more information.

Principal, Cybersecurity Policy Advisor

This job posting is no longer active.

Location: BALTIMORE, MD, United States
Organization: Exelon Business Servcs Co, LLC
Job ID: 240862
Date Posted: Jun 26, 2022
Job: Security


Job Description


Be a part of something powerful at America's premier energy provider!

At Exelon, we are united by our values and shared vision for a cleaner and brighter future. We encourage curiosity, value diverse perspectives and we never stop looking for ways to be, work and do better. We know the future is in our hands. That's why we're looking for people like you, who have the power to make a difference.

As the nation's largest utility company, we serve more than 10 million customers through six fully regulated transmission and distribution utilities: Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco). All 18,000 of us are committed to delivering safe, reliable and affordable energy to our customers, strengthening our communities, supporting a clean energy future and reducing our impact on the changing climate.

Our people are the heart and soul of our business. Whether it's powering lives, supporting communities or collaborating with colleagues, an Exelon employee is talented, compassionate, forward-thinking and inspired. We are empowered to evolve and advance our careers in an open and inclusive environment. We pride ourselves on being the kind of place where people want to come and stay. We know that investing in our employees' futures strengthens ours, which is why we offer competitive compensation, incentives and health and retirement benefits.


The Principal, Cybersecurity Policy Advisor will focus on enhancing enterprise-wide cybersecurity compliance, developing processes that adhere to best practices and industry frameworks to mitigate risk. This individual will engage in the job duties outlined below to enhance the resiliency of Exelon and to promote our mission of safeguarding the people, property, reputation, and shareholder value of the corporation.

  • Serve as Exelon's subject matter expert for cybersecurity compliance requirements, including internal and external controls to support Exelon's desired risk posture and regulatory obligations, respectively
  • Research and stay informed of any regulatory compliance obligations that may impact Exelon to identify potential changes in compliance requirements
  • Collaborate with security, compliance, legal, IT/OT, facilities, and business teams to drive awareness of emerging compliance obligations in support of proactive planning efforts to meet regulatory requirements in a more timely, efficient manner
  • Analyze the intent of the required control(s) requirement(s) and define the strategy to address compliance obligations efficiently and securely, while reducing the scope and associated costs to maintain compliance over time
  • Develop recommendations to meet regulated and non-regulated security control requirements
  • Drive consensus on the recommended path forward to address the requirement(s) with impacted stakeholders
  • Support remediation efforts to resolve compliance gaps
  • Develop evidence collection processes to verify required security controls are in place
  • Support internal and external audit teams to validate requirements have been met
  • Provide recommendations to revise, enhance, and/or develop new policies, standards, processes, and best practices to further reduce risk to Exelon relative to compliance obligations
  • Develop implementation strategies and roadmaps to enable IT, OT, facilities, and business teams to achieve compliance and mitigate risk
  • Lead, mentor, and develop others to grow the capabilities and effectiveness of the team


  • Provide guidance and operational management for cyber and physical security compliance programs (45%)
  • Collaborate with security, compliance, legal, IT/OT, facilities, and business teams to drive awareness of emerging compliance obligations in support of proactive planning efforts to meet regulatory requirements in a more timely, efficient manner (25%)
  • Support internal and external audit teams to validate requirements have been met (20%)
  • Identify potential cyber and physical security control requirements to meet regulatory obligations and internal security control requirements (10%)


  • Interact with internal stakeholders to deliver cyber compliance and perform related tasks
  • Work under minimal supervision, following standard procedures to accomplish assigned tasks



  • Bachelor's degree in relevant field preferred, or equivalent experience required
  • 7+ years of professional industry experience focused on cybersecurity, physical security, risk, and compliance
  • A deep understanding of regulatory requirements and associated frameworks such as SOX, NERC CIP, NIST, ISO, FISMA, FARS, DFARS, CUI, CMMC is critical to success in this position
  • Deep understanding of cybersecurity concepts, including security exceptions management, the anatomy of an attack, and risk mitigation strategies
  • Experience with common security frameworks and industry regulatory requirements
  • Ability to effectively assess risk to the organization and define appropriate mitigation techniques and/or compensating controls
  • Experience helping organizations define, develop, deploy, and manage cybersecurity solutions across IT and Critical Infrastructure environments
  • Confident in leading end-to-end solutions: strategy, design, development, testing, training, implementation
  • Demonstrated project management experience leading teams and large-scale programs
  • Experience leading and deploying end-to-end compliance/privacy solutions including strategy and road mapping, policy design, development, implementation, adoption, and enforcement
  • Understanding of high-level application, database, cloud, and network security principles for risk identification, mitigation, and analysis
  • Experience working with popular GRC tools like ServiceNow, Archer, MetricStream
  • Understands current cyber and physical security best practices


  • Juris Doctorate
  • Experience in the Energy and Utilities industry
  • Experience working with internal and external auditing firms
  • Understanding of key cyber and legal concepts relative to regulatory compliance requirements
  • Professional Services or Consulting firm/industry experience
  • Experience in writing procedures and policies
  • Strong communication skills in a fast paced, dynamic, team-based environment
  • GICSP, CISSP, CISA, CISM, PMP certifications
  • A discipline in one of the following: Computer Science; Information Systems; Information Systems Security; Information Technology
  • Experience mentoring and providing coaching for personnel



