Sign In




Cyber Security Supervisor - IT Incident ResponseCyber Security Supervisor - IT Incident ResponseFalseFalse212879,<p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"><strong>PRIMARY PURPOSE OF POSITION</strong></p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"><br>Supervisees the Incident Handling & Response processes.   Provides deep technical expertise to provide Level 2/3 Cyber Security Incident Handling, Response and Remediation.   Designs, develops and implement cyber security capabilities to investigate, identify and actively defend Exelon infrastructure against  Advanced Persistent Cyber Threats. Works closely with Manager, Cyber Defense Security Operations Center (SOC), Supervisor of Cyber Defense Forensics and other supervisors to meet/exceed service levels. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"><strong>MAJOR ACCOUNTABILITIES</strong></p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">- Supervise incident handling & response activities. Perform and document work activities relating to level 2/3 CyberSOC Incident Response, Active Defense Cyber investigations and identification of indicators of advanced malware and persistent threats. Perform activities required to manage service level agreements. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">- Work closely with Supervisor of Cyber Defense Forensics and Supervisor of Cyber Defense Monitoring to coordinate activities and services. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">- Provide direction and support in the identification, containment, eradication, & recovery of sophisticated level 2/3 incidents. Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.   Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.   Perform analysis of log files from a variety of sources (e. g. , individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">- Coordinate incident response functions.   Perform cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.   Track and document cyber defense incidents from initial detection through final resolution.   Collect intrusion artifacts (e. g. , source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">- Update Incident Management & trouble tickets, providing timely & accurate status updates of ongoing activities</p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">- Recommend short & long term adjustments to controls for immediate & future identification, containment & remediation.   Coordinate with intelligence analysts to correlate threat assessment data. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">- Provide direction on tuning of signatures, rules, alerts, parsers, & custom scripts. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">- Contribute to IR process definition & development & maintenance of documented procedures & procedures, including process integration with managed security service providers, 3rd party vendors, internal IT organizations, & business units. Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies. Perform cyber defense trend analysis and reporting. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"><strong>POSITION SCOPE</strong></p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">- Provides direction as a team supervisor. Provide computer security Incident Handling & Response services to Exelon by serving in a front-line role for information security incidents. Responds to disruptions within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches to maximize survival of life, preservation of property, and information security. Investigates and analyzes relevant response activities and evaluates the effectiveness of and improvements to existing practices. </p>