Sr Analyst CyberSoc Monitoring

Recruiter
Location
Owings Mills, Maryland
Salary
Competitive
Posted
23 Sep 2016
Closes
19 Oct 2016
Ref
3017862
Sector
Oil and Gas
Contract Type
Permanent
Hours
Full Time

At Exelon, we've got a place for you!

Join the nation's leading competitive energy provider, with one of the largest electricity generation portfolios and retail customer bases in the country. You will be part of a family of companies that strives for the highest standards of power generation, competitive energy sales, and energy delivery. Our team of outstanding professionals is focused on performance, thought leadership, innovation, and the power of ideas that come from a diverse and inclusive workforce.

Exelon will provide you the tools and resources you need to design, build and enhance a successful career. We are also dedicated to motivating the success of our employees through competitive base salary, incentives, and health and retirement benefits.

Join Exelon and share your passion at a forward-thinking Fortune 150 company. Establish yourself in a place where you can truly shine and create a brighter, more sustainable tomorrow. Energize your career at Exelon!
PRIMARY PURPOSE OF POSITION

Perform the Security Monitoring process and escalate relevant issues to the Security Monitoring Team Lead.

Identify potential
security incidents and forward to the Incident Handling & Response team for analysis and remediation as appopriate.
PRIMARY DUTIES AND ACCOUNTABILITIES

-Complete Cyber Monitoring and Incident Response Operations Playbook/Checklist activities including, but not limited to: log
review, vulnerability management activities, management report scheduling & running, alert analysis, filter modifications & escalation follow up activity status
35

-Develop, tune, and maintain tools to automate analysis capabilities for network-based, host-based and log-based security event analysis.

Create signatures, rulesets, and content analysis definitions from various intelligence sources for a variety of security detection capabilities
25

-Organize and maintain documentation of detection capabilities, alert definitions, policy configurations, and tool rulesets.

10
-Maintain adherence to Corporate Security Operations Center standards, policies & procedures
10

-Remain up-to-date on the latest security information in order to validate the security analysis & identification capabilities of the security operations technologies

10

-Participate in efforts to analyze & define security filters & rules for a variety of security parameters
10
POSITION SPECIFICATIONS

Minimum:

-Bachelors Degree in Computer Science or a related 4-year technical degree (or a minimum 4 years of IT experience)

-Minimum 3 years IT Security experience

-Core Technical: Intrusion Detection, Netflow Analysis, Log Analysis, Rule/Signature/Content Development, Programming or scripting experience required.

-General: Must exhibit understanding and application of the principles of Network Security Monitoring (NSM).

Ability to analyze log data, netflow data, alert data, network traffic and other data sources to validate security events. Ability to create signatures and detection content in IDS, SIEM and Log analysis platforms. Ability to consume, comprehend, utilize and create indicators of compromise. Ability to tune detection tools for accuracy. Execute on intelligence-driven detection capabilities.

Perform daily analysis of detection reports and alerts.

Maintain tools, scripts and applications for detection and automation capabilities.

Identify opportunities for capability and efficiency improvements.

Ability to conduct network and host analysis of compromised and baseline systems to identify anomalies.

Exhibit understanding of tools, tactics and procedures (TTP) of malicious actors such as hacktivist groups, cybercrime organizations and advanced persistent threats.

Identify and report on detection trends. Comprehensive knowledge of common networking protocols: HTTP, DNS, DHCP, SMTP, NTP, SSH, FTP.

Preferred:

-General Info Security: Intelligence-Driven Detection, Security Principles, Threat Lifecycle Management, Incident Management & Lifecycle, Platform Analysis,

Forensics & Investigations, NSM, DFIR

-Cyber SOC Process Management: Overall Process Design & SOC Threat Management, Teamwork, Collaboration and independent contributions

-Malware Analysis experience preferred.


Qualifications:
Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.

VEVRAA Federal Contractor