Supv, Cyber Defense Security Ops Center at Exelon
Owings Mills, MD 21117, USA
Full Time


Start Date

Immediate

Expiry Date

07 Nov, 25

Salary

159600.0

Posted On

08 Aug, 25

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Network Communications, Timelines, System Administration, Regulations, Defense, Security Incident Response, GCIH, Escalation, Network Security, Components, OSI Model, Incident Response, Analytical Skills, Access, Network Services, Cyber Security, Computer Science

Industry

Information Technology/IT

Description

Who We Are: We’re powering a cleaner, brighter future.
Exelon is leading the energy transformation, and we’re calling all problem solvers, innovators, community builders and change makers. Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient.
We’re powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service. We are a Fortune 200 company, 19,000 colleagues strong serving more than 10 million customers at six energy companies - Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco).
In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking. And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career.
Are you in?

Primary Purpose:
Lead the SOC analysts and escalate relevant issues to the SOC Manager. Provide guidance and management of analysts on a daily basis. Communicate regularly with the SOC Manager to provide updates on the Security Monitoring posture. Design, develop and implement cyber security capabilities to investigate, identify and actively defend Exelon infrastructure against Advanced Persistent Cyber Threats. Work closely with the SOC Manager, as well as other supervisors, to meet or exceed service levels.

Responsibilities
  • Supervise analyst activities. Perform and document work activities relating to SOC Incident Response and active SOC investigations. Work closely with the SOC Manager, as well as other supervisors, to perform duties in support of the Joint Security Operations Center mission.
  • Provide a point of escalation for Security Monitoring Analysts. Provide direction and support in the identification, containment, eradication, & recovery of incidents. Coordinate and provide expert technical support to enterprise-wide cyber defense analysts to resolve cyber defense incidents. Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation. Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
  • Maintain & enforce adherence to Joint Security Operations Center standards, policies & procedures.
  • Participate in efforts to analyze & define security filters & rules for a variety of security parameters. Recommend short & long term adjustments to controls for immediate & future identification, containment & remediation. Provide direction on tuning of signatures, rules, alerts, parsers, & custom scripts.
  • Oversee updates to documentation of the Security Operations Center. Contribute to process definitions and to the development & maintenance of documented processes & procedures, including process integration with managed security service providers, 3rd party vendors, internal IT organizations, & business units. Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies. Perform cyber defense trend analysis and reporting.
  • Remain up-to-date on the latest security information in order to validate the security analysis & identification capabilities of the security operations technologie