Analyst, Cyber Security Compliance - HYBRID

Description We're powering a cleaner, brighter future.
Exelon is leading the energy transformation, and we're calling all problem solvers, innovators, community builders and change makers.
Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient.
We're powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service.
We are a Fortune 200 company, 19,000 colleagues strong serving more than 10 million customers at six energy companies - Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco).
In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking.
And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career.
Are you in? PRIMARY PURPOSE OF POSITION Perform activities related to the development of cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity missions and initiatives under the guidance of a Lead Analyst or Manager.
Consults with customers to evaluate functional requirements and translate functional requirements into technical solutions.
Note: This is a flex position meaning this role will be part remote and part in the office.
This role is a HYBRID position - candidates must reside in one of the following states - IL, PA, NJ, DE, MD or Washington DC.
No relocation is available for this position.
PRIMARY DUTIES AND ACCOUNTABILITIES Knowledge leader in the existing and upcoming approved/enforceable cyber security compliance obligations.
Acts as a consultant to the entities and to CISS to assist in the interpretation of cyber security compliance obligations to provide the proper balance of Reliability, Security and Compliance Supports collaboration with each of the CISS departments in the production of all evidence to ensure the work processes, culture and deliverables meet the Security Controls and the quality of evidence to meet regulatory requirements.
Supports cross-entity coordination of CISS-owned cybersecurity compliance obligations.
Assists in developing Security Controls with the Business Units and CISS.
Supports training and knowledge transfer in the areas of Security Controls, along with the CISS departments as well as the entities.
Supports CISS in developing the processes, workflows, and evidence required for compliance to the regulatory requirements that CISS supports.
Collaboratively works with the CISS departments to develop processes, workflows, and evidence required to meet the Security Controls developed and implemented by CISS.
Collaboratively works with the entities to develop processes, workflows and evidence required to meet the Security Controls developed and implemented by the entities.
Proactively build business knowledge to provide solutions.
JOB SCOPE Contribute to the integration and alignment of information security and/or cybersecurity policies to ensure system analysis meets security requirements.
Ensure that all systems components can be integrated and aligned (e.
g.
, procedures, databases, policies, software, and hardware).
Assist in performing needs analysis to determine opportunities for new and improved business process solutions.
Establish and maintain communication channels with stakeholders.
Contribute to applying applicable laws, statutes, and regulatory documents and integrate into policy.
Assess policy needs and collaborate with stakeholders to develop policies to govern cyber activities.
Qualifications MINIMUM QUALIFICATIONS Bachelor's degree and typically 2 to 5 years related experience in information security and/or cybersecurity policy, or equivalent combination of education and work experience.
Knowledge of business practices and processes in a regulatory environment and associated frameworks including, but not limited to, NERC CIP, TSA, SOX, NIST, and SEC.
Strong problem solving skills Excellent communications skills (written and verbal) PREFERRED QUALIFICATIONS Bachelor's degree in Computer Science or related technical area preferred