PRIMARY PURPOSE OF POSITION
Senior Leader responsible for daily management and operational oversight of the Cyber Defense Operations teams. This includes the Cyber Security Operations Center (CSOC), Digital Forensics and Malware team, and the Cyber Security Systems Engineering team. The Senior Leader is accountable for executation of the corporate and departmental strategies against established goals for all teams. Executes decision making authorities and establishes vision and direction for an organization's cyber and cyber-related resources and/or operations.
1. Lead team of 25+ Cyber Security professionals to provide 24x7 Cyber Security Operational Services to all Exelon Operating Companies and BSC Practice Areas
2. Develop, maintain and promote a Cyber Security Operational Framework and service relationships with IT Leadership, Human Resources, Legal, Internal Audit and Regulatory entities to provide timely, cost effective and consistently high quality services
3. Develop, recruit and retain a diverse, capable, high performance Cyber Security work force. Evaluate performance and provide personnel coaching. Promote diversity and foster teamwork, collaboration, and a learning organization. Provide input on staff development and retentionprocesses
4. Leverage Exelon Management Model, Standards and Industry best practices to establish and sustain high quality Cyber Security capabilities and service levels, with specific emphasis on Cyber Defense Operations and Cyber Security Incident Response.
5. Develop and participate in external liaison relationships to share, learn and influence 3rd party Cyber Security Operations viewpoints and best practices
6. Manage a budget totaling nearly $7 Million O&M annually, plus Capital Investment Budget 7 Serve as Security Incident Response Team (SIRT) Commander
- 15 years IT or Cyber Security experience, including 8+ years in a leadership role, within a fast paced Business or Technical Operational Support Services function.
- Demonstrated Operational Planning, Execution and Improvement, combined with customer engagemnt skills and experinece leading teams and people through organizational and operational change.
- Knowledge of IT infrastructure technologies including network, server, storage, telecom data cneter support and monitioring tools.
- Advance interpersonal skills, communications skills , and persentation skills up to C-suite audience.
- Excellent consultative skills, including teamwork, facilitation, prioritization and negotiation.
- Demonstrated ability to present and discuss complex technical information in a way that establishes rapport, persuades others, and gains understanding and approval.
- Availability for occasional travel to various work locations, external liaison activities and vendor locations.
- Available for 24x7 on-call response to operational events and incident response.
- Track record of successfully developing, implementing and optimizing Cyber Security Ooperational Centers and Teams.
- Bachelor’s degree in Engineering or Computer science required; MA or MS in Computer Science or related technical field preferred
- General Info Security experience: Security Principles, Threat Lifecycle Management, Incident Management & Lifecycle, Familiarity with Industry Standards (NIST 800-53, ISO 27001, etc.) and Security operations best practices. Knowledge of network protocols (e.g., Transmission Control Protocol/Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [ DHCP] and directory services (e.g, Domain Name System [DNS], Active Directory). Knowledge of incident categories, incident responses, and timelines for responses. Knowledge of incident response and handling methodologies. Knowledge of Digital Forensic and eDiscovery methodologies and processes. Knowledge of Network Security monitoring and Cyber Security Systems Engineering best practices and operational processes. Knowledge in Cyber Threat Intelligence and establishing Cyber Threat Hunting operational teams.
- Lead total staff over 25 FTEs, plus contract labor and 3rd party provided professional services. Ability to cover effectively as acting Director as a delegated duty.
- Manage overall budget of nearly $7 Million annual O&M, plus annual capital investment
- Position responsibility has a high impact on Exelon capability to secure information; demonstrate compliance to multiple regulatory requirements; maintain company reputation and company performance. Performance results can adversely or positively impact earnings per share by a combination of company reputation and investor confidence, compliance penalties and intellectual property (OP) protection.
- Develop, recruit and retain a diverse, capable, high performance Cyber Security work force. Evaluate performance and provide personnel coaching. Promote diversity and foster teamwork, collaboration, and a learning organization. Provide input on staff development and retentionprocesses
- Participate as part of the overall Senior Leadership team for Coporate Information and Security Services
- Reports to Director – Cyber and Information Security Services