Sr Cyber Security Engineer - NERC CIP - Military Veterans

WHO WE ARE

As the nation's largest producer of clean, carbon-free energy, Constellation is focused on our purpose: accelerating the transition to a carbon-free future. We have been the leader in clean energy production for more than a decade, and we are cultivating a workplace where our employees can grow, thrive, and contribute.

Our culture and employee experience make it clear: We are powered by passion and purpose. Together, we're creating healthier communities and a cleaner planet, and our people are the driving force behind our success. At Constellation, you can build a fulfilling career with opportunities to learn, grow and make an impact. By doing our best work and meeting new challenges, we can accomplish great things and help fight climate change. Join us to lead the clean energy future.

TOTAL REWARDS

Constellation offers a wide range of benefits and rewards to help our employees thrive professionally and personally. We provide competitive compensation and benefits that support both employees and their families, helping them prepare for the future. In addition to highly competitive salaries, we offer a bonus program, 401(k) with company match, employee stock purchase program; comprehensive medical, dental and vision benefits, including a robust wellness program; paid time off for vacation, holidays, and sick days; and much more.

Expected salary range of $110,700 to $123,000, varies based on experience, along with comprehensive benefits package that includes bonus and 401(k).

PRIMARY PURPOSE OF POSITION

The Sr. Cyber Security Engineer (CSE) will execute the highly technical, tactical elements of the cyber security strategy, eliminating a functional cyber security capability gap while providing pro-active cyber security risk management. The CSE will act as a liaison to the Security Architect and Cloud and Infrastructure Operations/Engineering and Utility IT teams to effectively communicate and assist in architecting and implementing effective security solutions to achieve NERC CIP compliance. The CSE will ensure the implementation of system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation, and will perform security reviews to identify gaps in security architecture. The CSE will assist in the development of appropriate security risk management plans. The Sr. Cyber Security Engineer (CSE) will work closely (and primarily) with IT, Physical Security and Power IT to implement effective NERC CIP standards and requirements; provide analytical and technical recommendations where needed. Work with all parties for new standards or requirements for remediation and implementation efforts. Meet the business clients (IT/OT) and management to help specify and negotiate application security requirements; work closely with application teams to ensure secure transition of applications into production. Provide guidance around architecting and implementing effective NERC CIP solutions; develop documentation to support ongoing security systems operations, maintenance, and problem resolution. Ability to mitigate vulnerabilities, remediate incidents, and affect change requests in support NERC CIP remediation efforts.

PRIMARY DUTIES AND ACCOUNTABILITIES

• Provide analytical and technical security recommendations to other team members, technical teams, and business clients, including: (25%) Provide technical guidance regarding NERC CIP Standard and Requirement changes and implementations as well as other stakeholder and experts. Work with stakeholders to resolve issues around NERC CIP compliance. Provide input to implementation plans and standard operating procedures as they relate to information systems security. Develop specific risk mitigation strategies for systems and/or applications related to NERC CIP.


• Work closely with technical teams to implement effective security configurations/requirements, including: (25%) Verify security measures are implemented to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed meeting NERC CIP requirements. Verify and update documentation reflecting the application/system security design features related to NERC CIP for implementation team. Verify security requirements are in place for all applications related to NERC CIP.


• Work closely with all teams to ensure secure transition of new requirements into production. (25%)


• Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.

• Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 5 to 8 years of solid, diverse experience in cyber security vulnerability assessments, or equivalent combination of education and work experience.


• At least 5 years of demonstrable security engineering or related experience, including: Knowledge of NERC CIP technical requirements Knowledge of networking designs and topologies Knowledge of encryption and cryptology Knowledge of embedded systems (front and back end) Knowledge of how system components are installed, integrated, and optimized Knowledge of human-computer interaction principles Knowledge of cybersecurity principles and organizational requirements Knowledge of operating systems Knowledge of IT and OT security principles and methods, such as firewalls, demilitarized zones, and encryption Skill in evaluating the adequacy of security designs Knowledge of the systems engineering process Knowledge of network access, identity, and access management


• Comprehensive understanding of change management techniques associated with new and redeploy technology implementation.


• Demonstrated leadership ability.


• Proven analytical, problem solving, and consulting skills.

• Graduate degree in cyber security or related area of expertise.


• Relevant security certifications (CISA, CISSP, GIAC, MCSE, RHCE, CCNP, CCSP)


• Extensive technical NERC CIP experience and application.


• Strong understanding of enterprise, network, system, and application-level security engineering principles


• Demonstrable, hands-on expertise in the following technical disciplines: Operating Systems (Microsoft, Linux, UNIX) Networking (Cisco, Checkpoint, Alcatel Lucent, Gigamon, RuggedCom and Palo Alto) Mobility (IOS, Android, MDM, BYOD) Cryptography (PKI, lifecycle management, symmetric) Network Security Engineering (secure network design, IDS/IPS, monitoring, firewalls) Virtualization (VMware, HyperV) Remote Access Methods (VPN, Citrix, MFA) ICS / SCADA System Security (design, controls) Compliance Tools (Tripwire, Splunk, AssurX-CATSWeb)