• Exelon
  • Philadelphia , PA
  • Defense/Security Clearance
  • Full-Time
  • 1103 Market St

PRIMARY PURPOSE OF POSITION:

The OT Cyber Governance Senior Analyst (OTCGSA) supports the development, design, and implementation of the Operational Technology (OT) Security Governance Program. This position will act as a resource for all cyber security-related aspects of the OT Security Governance Program. Working with the OT Cyber Governance Senior Manager and other OT Governance stakeholders, the OTCGSA will provide proactive cyber security risk reduction within the OT arena. This position is a vocal advocate for cyber security risk reduction by building cyber security requirements into OT and services/solutions. This position requires demonstrable technical experience in a variety of security domains.

Other major responsibilities include:

* Develop, maintain, and promote cyber security relationships with OT and business clients, leadership, and other entities within the OT arena to provide timely, cost-effective, and consistently high-quality cyber security services.
* Broker engagement and acceptance of new OT security controls and requirements to be implemented by the business units.
* Leverage the Exelon Management Model, standards, and industry best practices to establish and sustain high quality cyber security capabilities, with specific emphasis on cyber security within operational technology
* Provide analytical and technical security recommendations to other team members, OT technical teams, and business clients.
* Work closely with OT technical teams to implement effective security configurations/requirements.

PRIMARY DUTIES AND ACCOUNTABILITIES:

* Develop, maintain, and promote Cyber Security relationships with OT and business clients, leadership, and other entities within the OT arena to provide timely, cost-effective, and consistently high-quality cyber security services. Broker engagement and acceptance of new OT security controls and requirements to be implemented by the business units.
* Work closely with OT technical teams to implement effective security configurations/requirements. Provide technical and security recommendations to OT and business leadership and technical teams to identify cost-effective and appropriate security technology solutions and develop security reference architectures and strategies to achieve business results as it pertains to the implementation and sustainability of the OT Security Governance Program. Assure successful implementation and functionality of OT cyber security requirements and appropriate OT policies and procedures that are consistent with Exelon's mission and goals.
* Work closely with the OT Security Governance Program team to provide status updates; participate in briefings and assist with the translation of extremely technical security-related activities and requirements into language that resonates with stakeholders.
* Maintain awareness of trends and issues in area of security, evaluate new security technologies or technology opportunities, and provide analysis of their potential impact to advantage the business.

POSITION SCOPE:

The OT Cyber Governance Senior Analyst supports the development, design, and implementation of the Operational Technology (OT) Security Governance Program. This position will act as a resource for all cyber security-related aspects of the OT Security Governance Program. Working with the OT Cyber Governance Senior Manager and other OT Governance stakeholders, the OTCGSA will provide proactive cyber security risk reduction within the OT arena. This position is a vocal advocate for cyber security risk reduction by building cyber security requirements into OT and services/solutions. This position requires demonstrable technical knowledge in a variety of security domains. This position has an impact on Exelon's ability to reduce OT-related cyber security risk across the enterprise and impacts Exelon's ability to properly secure its assets and maintain Exelon's reputation.

POSITION SPECIFICATIONS

Minimum:

* Bachelor's Degree in Engineering, Computer Science, Information Technology (IT), or a related discipline, and minimum of 5-8 years of solid, diverse experience in cyber security operational technology architecture and design, or equivalent combination of education and work experience
* Appropriate technical skills and in-depth knowledge of business unit functions and applications, including:

- Demonstrated experience with Operational Technology and the differences from IT systems when applying cyber security controls to Operational Technology systems

- Experience developing, evaluating, and implementing cyber and information security architectures, technologies, standards, and practices to secure Operational Technology

- Demonstrated knowledge of cyber security domains including but not limited to: security architecture and engineering, access management, communications and network security, system and asset security, vulnerability and threat management, security and risk management, cryptography, as they apply to Operational Technology.

- Excellent consultative skills, including teamwork, facilitation, prioritization and negotiation

- Strong leadership and interpersonal skills

- Strong verbal and written communication skills

- Demonstrated ability to present and discuss complex technical information in a way that establishes rapport, persuades others, and gains understanding and approval

Preferred:

* Graduate degree in cyber security or related discipline.
* Relevant security certifications (CISSP, GICSP)

- Demonstrated experience in SCADA, DCS, EMS, DMS, Protection and Control systems, or Industrial Control System technologies or embedded systems such as protection relays, remote terminal units (RTUs), Programmable Logic Controllers (PLCs), Human Machine Interfaces (HMIs), sensors and actuators, reclosers, smart meters, etc.

- Demonstrated experience in Transmissions and Substations, Distribution Automation, Advanced Metering Infrastructure, Natural Gas transmissions and distribution, or Generation lines of business

- Demonstrated experience in network architecture and network and communications security technologies

- Demonstrated experience in security architecture risk assessment, requirements development, secure design analysis, architecture assessment and development, and security testing of applications and systems

- Experience developing, evaluating, and implementing cyber and information security architectures, technologies, standards, and practices to secure applications, IT and OT systems

- Demonstrated knowledge and experience in the implementation of governance frameworks and security risk management processes, such as NERC CIP, NIST, ISO, or ISA/IEC 62443 guidelines and standards

- Demonstrated experience in addressing regulatory compliance for the security requirements in applicable laws and regulations, such as NERC CIP

- Knowledge and experience in security standards, methodologies, and technologies.

- Ability to assess devices and operating systems for vulnerabilities and develop appropriate security countermeasures

- Demonstrated experienced in Vulnerability Management processes including remediation tracking and resolution

* --

Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.

VEVRAA Federal Contractor



* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

Launch your career - Upload your resume now!

Upload your resume

Loading some great jobs for you...