Principal Systems Cyber Security Engineer - OT - Military Veterans
at Constellation Energy
WHO WE ARE
As the nation's largest producer of clean, carbon-free energy, Constellation is focused on our purpose: accelerating the transition to a carbon-free future. We have been the leader in clean energy production for more than a decade, and we are cultivating a workplace where our employees can grow, thrive, and contribute.
Our culture and employee experience make it clear: We are powered by passion and purpose. Together, we're creating healthier communities and a cleaner planet, and our people are the driving force behind our success. At Constellation, you can build a fulfilling career with opportunities to learn, grow and make an impact. By doing our best work and meeting new challenges, we can accomplish great things and help fight climate change. Join us to lead the clean energy future.
TOTAL REWARDS
Constellation offers a wide range of benefits and rewards to help our employees thrive professionally and personally. We provide competitive compensation and benefits that support both employees and their families, helping them prepare for the future. In addition to highly competitive salaries, we offer a bonus program, 401(k) with company match, employee stock purchase program; comprehensive medical, dental and vision benefits, including a robust wellness program; paid time off for vacation, holidays, and sick days; and much more.
The expected salary range is $135,900 to $151,000, varying based on experience, along with a comprehensive benefits package that includes bonus and 401(k).
PRIMARY PURPOSE OF POSITION
The Principal Systems Security Engineer-Real Time possesses a deep knowledge of current and planned security technologies across the power generation environments. The Principal Systems Security Engineer-Real Time role acts as a liaison between the Generation OT teams, Legal, Security, Architecture groups, and Cloud and Infrastructure Operations/Engineering teams to effectively communicate and lead Industrial Control System security engineering design specification and implement effective Industrial Control System security solutions. This role actively participates in relevant industry Industrial Control System cyber security workgroups and forums and also provides guidance for the development of documentation to support ongoing Industrial Control System security systems operations, maintenance, and problem resolution. This role must have an in-depth understanding of network infrastructure, firewalls, industrial control systems and intrusion detection systems, Security Information and Event Management (SIEM) systems, and Endpoint Detection and Response (EDR) technologies, and how they strategically intersect with business requirements. This role must also operate independently with little or no supervision yet provide frequent and relevant updates to leadership and stakeholders.
PRIMARY DUTIES AND ACCOUNTABILITIES
- Work with Operational Technology and Information Technology to develop Industrial Control System design specifications.
- Verify appropriate security design specifications are in place for Industrial Control System assets using a risk-based approach in alignment with Constellation's Cyber Security objectives.
- Work with Operational Technology, Information Technology, Constellation Security Engineering and Security Architecture Teams to develop a thorough understanding of Constellation's evolving computing environment, and the security technologies and architectures required to secure it.
- Review current regulatory roadmaps and help evaluate new external and internal controls to determine where they should fit into existing compliance strategies.
- Maintain a map of current regulatory and internal requirements applicable to Constellation and current architectures to identify gaps and help create projects for continuous improvement.
- Support regulatory audits.
- Provide coaching/mentorship for IT personnel within the team. Participate in career development and recognition activities. Promote diversity, equity, and inclusion and foster teamwork, collaboration, and a learning organization.
MINIMUM QUALIFICATIONS
- Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and 8 to 10 years of solid, diverse experience in Cyber Security Engineering and/or Architecture, or equivalent combination of education and work experience.
- Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.
- Experience with enterprise and Industrial Control System specific security solutions (Boundary, Endpoint Detection and Response, Security Information and Event Management, Passive Network Monitoring, etc.).
- Knowledge of how network services and protocols interact to provide network communications.
- Knowledge of incident categories, incident responses, and timelines for responses.
- Experience supporting projects, planning, maintenance and operations.
- Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies.
- Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities.
- Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
- Experience with basic system administration, network, and operating system hardening techniques.
- Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Knowledge of the OSI model and underlying network protocols (e.g., TCP/IP, Dynamic Host Configuration Protocol [DHCP]), and directory services (e.g., Domain Name System [DNS]).
- Demonstrated experience and subject matter knowledge of SCADA or Industrial Control Systems.
- Demonstrated experience developing and implementing regulatory roadmaps and evaluating new external or internal controls for integration into existing compliance strategies.
- Graduate degree in cyber security or related area of expertise.
- Skill in using security event correlation tools.
- Demonstrated knowledge of cyber defense policies, procedures, and regulations.
- One or more of the following: GIAC Global Industrial Cyber Security Professional (GICSP), GIAC Response and Industrial Defense (GRID).
- CISSP or SSCP designation.
- Knowledge of NERC CIP, CMMC, NRC, and other cyber security regulated control frameworks and compliance-based technical architecture.
- Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Knowledge of system and application security threats and vulnerabilities specific to Industrial Control Systems.
Baltimore, MD
We are the nation’s largest producer of carbon-free energy and the leading competitive retail supplier of power and energy products and services for homes and businesses across the United States. Headquartered in Baltimore, our generation fleet powers more than 20 million homes and is helping to accelerate the nation’s transition to clean energy with more than 32,400 megawatts of capacity and annual output that is 90 percent carbon-free.
Already the lowest carbon emitter of any major investor-owned U.S. generator, we have set a goal to eliminate 100 percent of our greenhouse gas emissions by leveraging innovative technology and enhancing our diverse mix of hydro, wind and solar resources, paired with the nation’s largest carbon-free nuclear fleet.
Our family of retail businesses serves approximately 2 million residential, public sector and business customers, including three-fourths of the Fortune 100. We are helping these customers reach their own climate goals through innovative clean energy solutions, including an upcoming, new 24/7 carbon-free energy matching product.
To further advance the fight against the climate crisis and accelerate the transition to a carbon-free future, we have set our own ambitious climate goals, including:
- 95% carbon-free electricity by 2030
- 100% carbon-free electricity by 2040
- 100% reduction of operations-driven emissions by 2040
- Providing 100 percent of our business customers with customized data to help them reduce their own carbon footprints.
As we work towards these goals, we will continue to serve as a leading supporter of our communities through workforce development programs; philanthropy; volunteerism; and diversity, equity and inclusion initiatives; while maintaining the highest standards of corporate governance.