Sign In

 

 

 

Cyber Security Vulnerability Detection and Management ManagerCyber Security Vulnerability Detection and Management ManagerFalseFalse213585https://exeloncorp.taleo.net/careersection/exelon_external/jobdetail.ftl?job=213585, https://exeloncorp.taleo.net/careersection/exelon_external/jobdetail.ftl?job=213585<p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"><strong>PRIMARY PURPOSE OF POSITION:</strong></p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">The Cyber Security Vulnerability Detection and Management Manager is responsible for supporting the architecture, implementation, and ongoing maintenance of the Cyber Security Vulnerability Detection and Management program, ensuring the confidentiality, integrity, and availability of all corporate assets.   This role is responsible for the design and operation of cyber security vulnerability solutions to ensure these solutions are implemented in accordance with industry standards, best practices, and Exelon Management Model governance.   This role is required to participate in the creation of and/or maintenance of policies, standards, baselines, guidelines, and procedures, as well as conduct risk and vulnerability assessments on a large array of IT/OT systems. This position requires the development and production of appropriate Key Risk Indicator (KRI), Key Performance Indicator (KPI), Performance Indicator (PI) and other metrics to measure and report on team effectiveness.   This position requires active communication with development teams, infrastructure teams, and business areas supporting assessment requirements for core business functions and will manage a geographically diverse team.   This position also leads, coordinates, communicates, integrates, and is accountable for the overall success of the Cyber Vulnerability Detection and Management program. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"><strong> PRIMARY DUTIES AND ACCOUNTABILITIES:</strong></p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">Lead a geographically diverse team providing direction, management oversight, performance appraisals, and mentoring, career development; promote diversity and teamwork with other Security groups. Perform vendor management of associated Cyber Vulnerability platforms and solutions. Develop and manage team metrics.   May require travel up to 10%. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">Develop and maintain annual vulnerability assessment schedule through interaction with business units, project management, emergent assessments and inclusion of business-critical applications requiring predefined assessment requirements. Support and maintain a remediation tracking solution, enforcing accountability through final resolution. Ensure plans of actions and milestones or remediation plans are in place for vulnerabilities identified during vulnerability assessments.   Management of Security Patch Management and Vulnerability Management processes and enforcement.    Measure the effectiveness of the enterprise's cybersecurity safeguards to ensure they provide the intended level of protection.  </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">Manage Vulnerability Threat and Industrial Control Systems notifications of emergent vulnerabilities ensuring remediation tracking. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"><br>Oversee supporting security related functions, processes, and engagement to include Firewall risk assessment and Data Loss Prevention. Maintain monthly reporting to senior Security management and Business Units for all Vulnerability Management responsibilities. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">Lead and manage NERC CIP vulnerability assessment program and requirements that include active or paper-based assessments, project management, adherence to reporting standards, enforcement of security compliance standards and remediation tracking. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"> </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;">Establish, maintain, and enhance relationships with business and IT partners.   Communicate status to key stakeholders on a regular basis. </p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"><br><strong>POSITION SCOPE:</strong></p><br><p style="MARGIN-BOTTOM:0px;MARGIN-TOP:0px;"><br>The Cyber Security Vulnerability Detection and Management Manager role provides direction and oversight to enterprise infrastructure and assets applying security best standards for remediation of known vulnerabilities. Deliverables for this role will be focused on identification, communication, and remediation of identified cyber security vulnerabilities. The Cyber Security Vulnerability Detection and Management Manager will provide project management, resources, and support of annual NERC CIP compliance requirements and manage the annual NERC CIP assessments. This role requires collaboration across the entire enterprise/business units to support remediation efforts. Support of the firewall risk-based assessments is a key component of this role providing guidance on minimizing risk. This role requires close integration with other internal security teams. </p>