Principal Network And Cyber Security Architect

Pepco Energy Services Christiana , DE 19702

Posted 2 weeks ago

PRIMARY PURPOSE OF POSITION:

The Principal Network and Cyber Security Architect (PNCSA) partners with IT and business teams to provide expert leadership to drive network and security technology and security reference architecture solutions by weighing the advantages of network and security technology standards, market availability of products, and risks and benefits of security technology introduction into Exelon's network and computing environments. The PNCSA provides comprehensive consultation to business units and IT management and staff at the highest technical level for all aspects of the network and security architecture. The PNCSA develops and maintains business, systems, and IT/OT processes to support enterprise mission needs and requirements; translates technology and environmental conditions (e.g., law and regulation) into IT/OT rules and requirements that drive network designs and target baseline security architectures. The PNCSA designs enterprise class networks and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into network architecture and security designs complimenting compute environments supported. The PNCSA operates independently with little or no direct supervision.

PRIMARY DUTIES AND ACCOUNTABILITIES:

  • Provide network technical and security expertise to IT and business teams to identify network and security technology solutions and develop network and security reference architectures and strategies to achieve business results. E

  • Ensure appropriate implementation of network topology and security technology and reference architectures within both the development and production environments. Analyze user needs and requirements to plan both network and security architecture.

  • Design and develop enterprise-wide network and security architecture and strategy for all aspects of the security domain in alignment with the business strategy and goals.

  • Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or defense in depth (DiD) framework. Provide input on network architecture, segmentation and security requirements to be included in statements of work and other appropriate procurement documents.

  • Provide technical guidance and expertise in the areas of network architecture development, network design risk management and assessment, computer and application optimization policies and standards, network architectures and implementations enhancing compute performance.

  • Provide technical guidance and expertise in the areas of secure application development, security architecture risk management and assessment, security policies and standards, security architectures and implementations.

  • Provide network technology and security expertise and advice to IT leadership in the development of strategic network and security technology and plans to support business strategies. Translate proposed capabilities into technical requirements.

  • Establish, maintain, and enhance relationships with business and IT partners. Communicate status to key stakeholders on a regular basis.

  • Maintain awareness of trends and issues in areas of network and security expertise, evaluate new network and security technologies or technology opportunities, and provide analysis of their potential impact to advantage the business.

POSITION SPECIFICATIONS

Minimum:

  • Bachelor's Degree in Electrical Engineering, Computer Engineering, or a related discipline, and typically 12-15 or more years of solid, diverse experience in network and cyber security architecture and design, or equivalent combination of education and work experience.

  • Appropriate technical skills and in-depth knowledge of business unit functions and applications, including:

  • Expert knowledge of routed network protocols such as IP, DNP, TCP, UDP, DHCP, BOOTP, SSH, FTP. TFTP, SMTP, SNMP, SLIP, PPP, ARP, RARP, and SIP.

  • Expert knowledge of networks such as Ethernet, ATM, SONET, ISDN, OSI, Frame Relay, T1 and/or T3.

  • Expert knowledge of routing protocols such as IGRP, EIGRP, OSPF, RIPv1, RIPv2, IS-IS, and EBGP.

  • Expert knowledge of architecting, designing, installing and configuring network support systems and security systems (for example, syslog servers, radius servers, bootp/dhcp servers, ftp servers, tftp servers, ntp servers, dns servers, directory services, Microsoft Windows and/or windows product installs).

  • Expert knowledge of MPLS, constructs IESs, VPRNs, VPLSs, e-pipes, c-pipes, and i-pipes.

  • Expert knowledge of architecting networks and security systems optimized to maximize compute environment availability, reliability, and throughput.

  • Expert knowledge of Big Data network support and cyber security protections.

  • Expert knowledge of private and public virtual environments supporting architecture and cyber protections.

  • Expert knowledge of network segmentation techniques.

  • Expert knowledge in the architecting and design of large geo-diverse high availability enterprise systems.

  • Expert knowledge of authentication, authorization, and access control methods.

  • Expert knowledge of computer algorithms

  • Expert knowledge of encryption algorithms

  • Expert knowledge of cryptography and cryptographic key management concepts

  • Expert knowledge of database systems

  • Expert knowledge of embedded systems

  • Expert knowledge of system fault tolerance methodologies

  • Expert knowledge of how system components are installed, integrated, and optimized

  • Expert knowledge of human-computer interaction principles

  • Expert knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

  • Ability to design architectures and frameworks.

  • Skill in applying cybersecurity methods, such as firewalls, demilitarized zones, and encryption.

  • Expert knowledge of network access, identity, application and device access.

  • Expert knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs

  • Expert knowledge of parallel and distributed computing concepts

  • Expert knowledge of key concepts in security management (e.g., Release Management, Patch Management).

  • Expert knowledge of configuration management techniques

  • Comprehensive understanding of change management techniques associated with new technology implementation.

  • Demonstrated experience using and configuring network tools (for example, SolarWinds, VitalQIP, Network General Sniffer Portable, WireShark, Entersys products, Visio, and/or CA products).

  • Demonstrated experience producing an economic business case.

  • Demonstrated leadership ability.

  • Proven analytical, problem solving, and consulting skills.

  • Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.

Preferred:

  • Graduate degree in Electrical Engineering, with network and cyber security or related area of expertise.

  • Relevant security certifications (CISSP, CISM, SABSA, GIAC)

  • Appropriate technical skills and in-depth knowledge of business unit functions and applications, including:

Demonstrated experience and subject matter knowledge in integration of cyber and information security for applications, web architectures, operating systems, databases, and networks.

Demonstrated experience and subject matter knowledge of SCADA, ICS, Distribution Automation, Smart Grid, DMS, and ECS systems architecture.

Experience and proven capabilities in application risk assessment, application security architecture development, web application security, and application security testing.

Demonstrated experience in security architecture risk assessment, requirements development, secure design analysis, architecture assessment and development, and security testing of applications and systems.

Extensive experience developing, evaluating, and implementing cyber and information security architectures, technologies, standards, and practices to secure applications, IT systems, and networks.

Demonstrated knowledge and experience in the implementation of governance frameworks and security risk management processes, such as NIST, ISO, and COBIT guidelines and standards.

Demonstrated experience in addressing regulatory compliance for the security requirements in applicable laws and regulations, such as NERC CIP, SOX, PCI DSS, and HIPAA.

Solid understanding and experience with network and security development lifecycle (SDL) processes for internally developed applications, including the web-based and Internet facing components.

Expert knowledge and experience in application security standards, methodologies, and technologies as applied to network architecture and compute environment support.

Solid capability to assess application and web architectures and operating systems for vulnerabilities and develop appropriate security countermeasures.

Solid knowledge and experience with IT security aspects of operating systems, Active Directory, database (SQL) access, LDAP, Microsoft SharePoint, and web server configurations.

Experience in assessing, configuring, and testing security applications and systems, such as Cisco firewalls, security appliances, IDS/IPS, SSL or TLS, IPSec, and web services security.

Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.


Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.

VEVRAA Federal Contractor

EEO is the Law Poster


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove

Principal Network And Cyber Security Architect

Pepco Energy Services