Assoc Cyber Defense Analyst - Real Time Systems

PRIMARY PURPOSE OF POSITION

Perform the security monitoring process using independent judgment and discretion to escalate relevant issues to the Supervisor, Cyber Defense Monitoring Team - Real Time. Identify potential security incidents and forward them to the appropriate team for further analysis. Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.

PRIMARY DUTIES AND ACCOUNTABILITIES

- Perform cyber security monitoring of Industrial Control/SCADA systems with established monitoring tools including Industrial Defender and Splunk
- Perform tracking of cyber events as required for NERC CIP Compliance.
- Interface with various business entities to determine the nature of detected cyber events, perform detailed analysis on cyber events and advise entities on methods to improve security posture
- Create detailed documentation on use of monitoring systems, topology and details of business entity ICS/SCADA systems, and performance of NERC CIP logging, monitoring and alerting processes
- Provide daily summary reports of network events and activity relevant to cyber defense practices. Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
- Remain up-to-date on the latest security information in order to validate the security analysis & identification capabilities of the security operations technologies
- Participate in efforts to analyze & define security filters & rules for a variety of security parameters

POSITION SCOPE

Provide near real-time monitoring of business-centric risks to Exelon by identifying potential security incidents from security alerts.