Senior Cyber Defense Threat Specialist

Exelon, Owings Mills, MD

About The Position

We're powering a cleaner, brighter future. Exelon is leading the energy transformation, and we're calling all problem solvers, innovators, community builders and change makers. Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient. We're powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service.

We are a Fortune 200 company, 20,000 colleagues strong serving more than 10.7 million customers at six energy companies -- Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco).

We're committed to creating an environment where every person can thrive. Our employee experience is grounded in four tenets that guide how we support our people: purposeful careers, growth opportunities, community impact, and support to thrive. In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking. And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career. Are you in?

Primary Purpose of Position

Provides advanced technical expertise for both cyber security incident handling and threat intelligence. Ensures timely response to security incidents while proactively identifying, researching, and mitigating emerging threats. The position leads development of detection models, threat indicators, and countermeasures, and collaborates across CSOC, threat intelligence, and forensics teams to protect enterprise assets.

Requirements

  • Bachelor's Degree in Computer Science or a related 4-year technical degree with 5 to 8 years of experience in IT or cyber security, or equivalent combination of education and work experience.
  • Proficiency in SIEM tools, network protocols, malware analysis, Linux, Windows OS, Network Security and Architecture, log and packet analysis, scripting languages (Python, PowerShell, Bash).
  • Knowledge of APT tactics, cyber kill chain, NIST/SANS controls, and advanced security technologies (BRO-IDS, malware sandboxing, endpoint protection, user behavior analytics).
  • Strong understanding of intrusion detection, event correlation, forensic techniques, and network security architecture.
  • Experience with incident triage, vulnerability management, and cyber hunting.
  • Excellent verbal and written communication skills; ability to write technical reports for layman interpretation.
  • Ability to work on-call during critical incidents or to support coverage requirements (including weekends/holidays).

Nice To Haves

  • Certifications: CISSP, GIAC (GCIA, GCIH), Security+, Network+, CCNA, CCNP.
  • Experience in intelligence-driven detection, SOC process management, and targeted intrusion investigations.
  • Ability to develop rules, filters, views, signatures, countermeasures, and applications and scripts relevant to operations.
  • Knowledge of cyber defense policies, procedures, regulations, and operational impacts of cybersecurity lapses.
  • Knowledge of SOA, REST, Web Services, authentication/authorization mechanisms.

Responsibilities

  • Lead Level 2/3 cyber security incident response: identification, containment, eradication, recovery. Perform active defense investigations and coordinate with CSOC, forensics, and other teams.
  • Analyze and remediate malware, advanced persistent threats (APT), and other sophisticated attacks. Collect, process, and analyze cyber warning assessments and intrusion artifacts.
  • Develop and deploy actionable threat intelligence, indicators, and countermeasures. Collaborate with threat intelligence analysts to maintain cyber threat profiles.
  • Create and maintain detection models, SIEM signatures, rules, and custom scripts for security tools. Provide direction on tuning of alerts, parsers, and operationally relevant applications.
  • Perform forensic analysis, network traffic/log reviews, and packet-level analysis to support investigations and incident response.
  • Provide cyber security research and advisory services on emerging threats, recommend adjustments to security controls, and contribute to IR process definition and documentation.
  • Document processes, maintain incident records, perform trend analysis, and publish cyber defense techniques and guidance.
  • Research cyber security trends, integrate findings into operational defense strategies, and support continuous improvement.

Benefits

  • Annual salary will vary based on a candidate’s skills, qualifications, experience, and other factors: $103,200.00/Yr. – $141,900.00/Yr.
  • Annual Bonus for eligible positions: 15%
  • 401(k) match and annual company contribution
  • Medical, dental and vision insurance
  • Life and disability insurance
  • Generous paid time off options, including vacation, sick time, floating and fixed holidays, maternity leave and bonding/primary caregiver leave or parental leave
  • Employee Assistance Program and resources for mental and emotional support
  • Wellbeing programs such as tuition reimbursement, adoption and surrogacy assistance and fitness reimbursement
  • Referral bonus program
  • And much more
  • Note: Exelon-sponsored compensation and benefit programs may vary or not apply based on length of service, job grade, job classification or represented status. Eligibility will be determined by the written plan or program documents.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

5,001-10,000 employees
