Sr Cyber Security Engineer

Who We Are: We're powering a cleaner, brighter future.

Exelon is leading the energy transformation, and we're calling all problem solvers, innovators, community builders and change makers. Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient.

We're powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service. We are a Fortune 200 company, 19,000 colleagues strong serving more than 10 million customers at six energy companies -- Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco).

In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking. And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career.

Are you in? Primary Purpose:

The Cyber Security Engineer (CSE) will execute the highly technical, tactical elements of the Security Architects' (and overall CISS) cyber security strategy, eliminating a functional cyber security capability gap while providing pro-active cyber security risk management. The CSE will act as a liaison to the Security Architect and Cloud and Infrastructure Operations/Engineering and Utility IT/OT teams to effectively communicate and assist in architecting and implementing effective security solutions. The CSE will also assist with vulnerability mitigation, incident remediation, and will help manage change requests in support of cyber vulnerability remediation efforts. The CSE will ensure the implementation of system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation, and will perform security reviews to identify gaps in security architecture. The CSE will assist in the development of appropriate security risk management plans.

Note: This is a hybrid position (in-office with remote flexibility). Employees are required to be in office at least three days per week (Tuesday, Wednesday, and Thursday). This position must sit out of our Millsboro - DE, Philadelphia - PA, Oakbrook Terrace - IL or Owings Mills - MD office. This position is not eligible for relocation assistance.

Primary Duties:

• Provide analytical and technical security recommendations to other team members, technical teams, and business clients, including: Provide cybersecurity guidance to leadership Work with stakeholders to resolve computer security incidents and vulnerability compliance Provide input to implementation plans and standard operating procedures as they relate to information systems security Develop specific cybersecurity countermeasures and risk mitigation strategies for systems and/or applications
• Work closely with technical teams to implement effective security configurations/requirements, including: Verify minimum security requirements are in place for all applications Ensure application of security patches for commercial/custom products integrated into system design Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leadership Verify and update security documentation reflecting the application/system security design features Verify minimum security requirements are in place for all applications
• Work closely with the Vulnerability Management and application teams to ensure secure transition of applications into production.
• Assist with vulnerability mitigation, incident remediation, and associated change management activities.

Job Scope:

The Cyber Security Engineer (CSE) will work closely (and primarily) with Cloud and Infrastructure Operations/Engineering and Utility IT/OT clients to implement effective security configurations and requirements; provide analytical and technical security recommendations to other team members, technical teams, and business clients; act as a senior technical lead for all Exelon security remediation efforts; meet with Exelon business clients and management to help specify and negotiate application security requirements; work closely with Exelon application teams to ensure secure transition of applications into production; develop technology to automate cyber security monitoring, logging, and compliance with CISS standards; actively participate in relevant industry cyber security workgroups and forums; act as a liaison to the Security Architect and Cloud and Infrastructure Operations/Engineering and Utility IT/OT teams to effectively communicate and assist in architecting and implementing effective security solutions; develop documentation to support ongoing security systems operations, maintenance, and problem resolution; mitigate vulnerabilities, remediate incidents, and affect change requests in support of cyber vulnerability remediation efforts; work closely with the Security Policy and Risk Office to assist with the identification, analysis, and remediation of Exelon cyber security risk

Minimum Qualifications:

• Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 8 or more years of solid, diverse experience in cyber security vulnerability assessments, or equivalent combination of education and work experience.
• At least 5-8 years of demonstrable security engineering or related experience, including: Knowledge of encryption algorithms Knowledge of cryptology
• Knowledge of database systems
• Knowledge of embedded systems
• Knowledge of how system components are installed, integrated, and optimized
• Knowledge of human-computer interaction principles
• Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, accountability, authentication, non-repudiation)
• Knowledge of operating systems
• Knowledge of IT and OT security principles and methods, such as firewalls, IDS/IPS, demilitarized zones, and encryption Skilled in evaluating the adequacy of security designs
• Knowledge of the systems engineering process
• Knowledge of network protocols, routing principles, identity and access management
• Comprehensive understanding of change management techniques associated with new technology implementation.
• Demonstrated experience producing an economic business case.
• Demonstrated leadership ability.
• Proven analytical, problem solving, and consulting skills.
• Excellent communication skills and the proven ability to work effectively with all levels of IT/OT and business management.

Preferred Qualifications:

• Graduate degree in cyber security or related area of expertise.
• Relevant security certifications (CISSP, GIAC, MCSE, RHCE, CCNP, CCSP)
• Demonstrable, hands-on expertise in the following technical disciplines: Operating Systems (Microsoft, Linux, UNIX) Networking (Cisco, Checkpoint, Alcatel Lucent, Gigamon, RuggedCom) Mobility (IOS, Android, MDM, BYOD) Cryptography (PKI, lifecycle management) Network Security Engineering (secure network design, IDS/IPS, monitoring, firewalls) Virtualization (VMware, HyperV) Remote Access Methods (VPN, Citrix, MFA) ICS / SCADA System Security (design, controls) Demonstrable understanding of the 10 functional domains of security
• A strong technical understanding of scripting languages (Perl, Powershell), as well as strong proficiency in Python, Ruby, or Java
• Demonstrable experience with Industrial Control Systems, SCADA environments, and utility methods and practices for operational technologies and service delivery
• Strong understanding of enterprise, network, system, and application level security engineering principles
• Demonstrable understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks
• Demonstrable understanding of system hardening processes, tools, guidelines, and benchmarks
• Firewalls (Cisco, Palo Alto, Checkpoint), Operating Systems (UNIX, LINUX, Windows etc.)

Benefits:

• Annual salary will vary based on a candidates skills, qualifications, experience, and other factors: $98,400.00/Yr. $135,300.00/Yr.
• Annual Bonus for eligible positions: 15%
• 401(k) match and annual company contribution
• Medical, dental and vision insurance
• Life and disability insurance
• Generous paid time off options, including vacation, sick time, floating and fixed holidays, maternity leave and bonding/primary caregiver leave or parental leave
• Employee Assistance Program and resources for mental and emotional support
• Wellbeing programs such as tuition reimbursement, adoption and surrogacy assistance and fitness reimbursement
• Referral bonus program
• And much more

Note: Exelon-sponsored compensation and benefit programs may vary or not apply based on length of service, job grade, job classification or represented status. Eligibility will be determined by the written plan or program documents.