Principal Cyber Security Vul Mgmt Specialist - Customer Digital Platforms

We're powering a cleaner, brighter future.
Exelon is leading the energy transformation, and we're calling all problem solvers, innovators, community builders and change makers. Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient.
We're powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service. We are a Fortune 200 company, 19,000 colleagues strong serving more than 10 million customers at six energy companies -- Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco).
In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking. And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career.
Are you in?
PRIMARY PURPOSE OF POSITION

The Principal Cyber Security Vulnerability Management Specialist (PCSVMS) partners with IT and business teams to provide expert leadership to drive security technology by conducting formal tests on web-based applications, networks, and other types of computer systems on a regular basis, and determines/documents deviations from approved configuration standards and/or policies, and highlights the risks and benefits of technology introduction into Exelon's computing environments. The PCSVMS provides comprehensive consultation to CISS, the business units, and IT management and staff at the highest technical level for all aspects of the ethical hacking domain. This role will enhance security services provided by the Cyber Vulnerability Detection and Management team. This is a hands-on role requiring expert technical skills across a wide range of IT systems, applications, and infrastructure.

PRIMARY DUTIES AND ACCOUNTABILITIES

• Perform technical application and infrastructure Security Vulnerability assessments across a wide range of IT systems, including applications, web services, mobile applications, web-based applications, thick clients, Cloud solutions, etc. (60%)
• Provide technical guidance and security expertise in the areas of secure application development, security architecture risk management and assessment, security policies and standards, security architectures and implementations. (20%)
• Work with the Business to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the selection of cost-effective security controls to mitigate identified risks (10%)
• Maintain awareness of trends and issues in area of security expertise, evaluate new security technologies or technology opportunities, and provide analysis of their potential impact to advantage the business. (10%)

MINIMUM QUALIFICATIONS

• Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 7-10 years of solid, diverse experience in Cyber Security Vulnerability assessments, or in lieu of degree, 9-12 years combination of education and relevant work experience.
• At least 7-10 years of ethical hacking experience including experience in Information Security, application vulnerability testing, code-level security auditing, and secure code reviews.
• Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
• Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).
• Knowledge of network protocols (e.g., Transmission Critical Protocol/Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]), and directory services (e.g., Domain Name System [DNS]).
• Knowledge of penetration testing principles, tools, and techniques.
• Knowledge of scripting/programming language structures and logic.
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Knowledge of host/network access control mechanisms (e.g., access control list).
• Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
• Knowledge of interpreted and compiled computer languages..
• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
• Knowledge of threat environments.
• Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
• Knowledge of infrastructure supporting information technology (IT) for safety, performance, and reliability.
• Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation or privileges, maintaining access, network exploitation, covering tracks).
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Knowledge of basic system administration, network, and operating system hardening techniques.
• Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems.
• Comprehensive understanding of change management techniques associated with new technology implementation.
• Demonstrated experience producing an economic business case.
• Demonstrated leadership ability.
• Proven analytical, problem solving, and consulting skills.
• Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.

PREFERRED QUALIFICATIONS

• Reviewing current system security measures, recommending and implementing enhancements, and working with support teams to recommend remediation plans for identified vulnerabilities.
• Ensuring continuous monitoring of application security and developing best practices for handling security incidents/threats.
• Promptly responding to all security incidents and providing thorough post-event analyses.
• Establishing disaster recovery procedures and conducting breach of security drills in conjunction with our Cyber Vulnerability Detection and Management team.
• Cultivating a culture of security awareness, and arranging continuing education of personnel to ensure security policies and best practices are adhered to at all times during design, build and maintenance phases.
• Working with business to validate threats and explain response plans to ensure business continuity during threat remediation.
• Graduate degree in Cyber Security or related area of expertise.
• Relevant security certifications (CISSP, CISM, SABSA, GIAC)
• Demonstrated expert technical skills with various penetration testing technologies and tools.
• Demonstrated experience and subject matter knowledge in cyber and information security for applications, web architectures, operating systems, databases, and networks.
• Demonstrated experience and subject matter knowledge of SCADA, ICS, Distribution Automation, Smart Grid, DMS, and ECS systems architecture in relation to evaluating risk.
• Demonstrated experience and proven capabilities in network vulnerability assessment, application vulnerability assessment, application security architecture development, web application security, and application security testing.
• Demonstrated experience in addressing regulatory compliance for the security requirements in applicable laws and regulations, such as NERC CIP, SOX, PCI DSS, and HIPAA.
• Solid understanding and experience with security development lifecycle (SDL) processes for internally developed applications, including the web-based and Internet facing components.
• Demonstrated knowledge and experience in application security standards, methodologies, and technologies.
• Solid understanding to assess application and web architectures and operating systems for vulnerabilities and develop appropriate security countermeasures.
• Solid knowledge and experience with IT security aspects of operating systems, Active Directory, database (SQL) access, LDAP, Microsoft SharePoint, and web server configurations.
• Demonstrated experience in assessing and testing security applications and systems, such as Cisco firewalls, security appliances, IDS/IPS, SSL or TLS, IPSec, and web services security.
• Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.