Sr Cyber Security Engineer
Location:
Owings Mills , Maryland
Posted:
October 22, 2017
Reference:
207968

Description

PRIMARY PURPOSE OF POSITION

 

The Senior Cyber Security Engineer (SCSE) will execute the highly technical, tactical elements of Exelon’s cyber security strategy, eliminating a functional cyber security capability gap while providing pro-active cyber security risk management.  The SCSE will act as a liaison to the Security Architect and Cloud and Infrastructure Operations/Engineering and Utility IT teams to effectively communicate and assist in architecting and implementing effective security solutions.  The SCSE will also assist with vulnerability mitigation, incident remediation, and will help manage change requests in support of cyber vulnerability remediation efforts.  The SCSE will support the implementation of system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.  The SCSE will perform security reviews to identify gaps in security architecture and will assist in the development of appropriate security risk management plans. 


Provide analytical and technical security recommendations to other team members, technical teams, and business clients, including:

- Provide cybersecurity guidance to leadership

- Work with stakeholders to resolve computer security incidents and vulnerability compliance

- Provide input to implementation plans and standard operating procedures as they relate to information systems security

- Develop specific cybersecurity countermeasures and risk mitigation strategies for systems and/or applications

- Work closely with technical teams to implement effective security configurations/requirements, including:

- Verify minimum security requirements are in place for all applications

- Ensure application of security patches for commercial/custom products integrated into system design

- Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed

- Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leadership

- Verify and update security documentation reflecting the application/system security design features

- Verify minimum security requirements are in place for all applications

- Work closely with the CVDM and application teams to ensure secure transition of applications into production.

- Assist with vulnerability mitigation, incident remediation, and associated change management activities.

Qualifications

POSITION SPECIFICATIONS

 

Minimum:

 

- Bachelor’s Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 8 or more years of solid, diverse experience in cyber security vulnerability assessments, or equivalent combination of education and work experience.

 

- At least 5-8 years of demonstrable security engineering or related experience, including:
– Expert knowledge of encryption algorithms

– Expert knowledge of cryptology 

– Expert knowledge of database systems 

– Expert knowledge of embedded systems 

– Expert knowledge of how system components are installed, integrated, and optimized

– Expert knowledge of human-computer interaction principles

– Expert knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)

– Expert knowledge of operating systems

– Expert knowledge of IT and OT security principles and methods, such as firewalls, demilitarized zones, and encryption

– Skill in evaluating the adequacy of security designs

– Expert knowledge of the systems engineering process

– Expert knowledge of network access, identity, and access management

 

- Comprehensive understanding of change management techniques associated with new technology implementation.

 

- Demonstrated experience producing an economic business case.

 

- Demonstrated leadership ability.

 

- Proven analytical, problem solving, and consulting skills.

 

- Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.

 

Preferred:

 

- Graduate degree in cyber security or related area of expertise.

 

- Relevant security certifications (CISSP, GIAC, MCSE, RHCE, CCNP, CCSP)

 

- Project Management Professional (PMP)

 

- Demonstrable, hands-on experience in one or more of following technical disciplines:
– Operating Systems (Microsoft, Linux, UNIX)
– Networking (Cisco, Checkpoint, Alcatel Lucent, Gigamon, RuggedCom)
– Mobility (IOS, Android, MDM, BYOD)
– Cryptography (PKI, lifecycle management, symmetric)
– Network Security Engineering (secure network design, IDS/IPS, monitoring, firewalls)
– Virtualization (VMware, HyperV)
– Remote Access Methods (VPN, Citrix, MFA)
– ICS / SCADA System Security (design, controls)

- Demonstrable understanding of the functional domains of security

- A strong technical understanding of scripting languages (Perl, Powershell), as well as strong proficiency in Python, Ruby, or Java

 

- Demonstrable experience with Industrial Control Systems, SCADA environments, and utility methods and practices for operational technologies and service delivery

 

- Demonstrable experience with network infrastructure management

 

- Strong understanding of enterprise, network, system, and application level security engineering principles

 

- Demonstrable understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks

 

- Demonstrable understanding of system hardening processes, tools, guidelines, and benchmarks

 


A little about us:

Exelon ​​believes in hiring men and women who've served in the military: they exemplify the leadership, teamwork, integrity, and commitment to excellence we need. Exelon attends military recruiting fairs with members of E-MAC (Exelon - Militaries Actively Connected), our employee resource group that supports veteran employees. We advertise in military publications, and partner with Transition Assistance Program (TAP) offices.

To learn more about where your skills in the military can be applied at Exelon, visit our military careers site.

Not ready to apply? Follow Exelon on LinkedIn to stay informed on our jobs and company news.

Know someone who would be interested in this job? Share it with your network.