Sr Mgr, Cybersecurity Policy

Who We Are

We're powering a cleaner, brighter future.

Exelon is leading the energy transformation, and we're calling all problem solvers, innovators, community builders and change makers. Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient.

We're powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service. We are a Fortune 200 company, 19,000 colleagues strong serving more than 10 million customers at six energy companies -- Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco).

In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking. And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career.

Are you in?
Primary Purpose

PRIMARY PURPOSE OF POSITION

The Senior Manager of Security Policy will focus on defining policy commensurate with Exelon's risk tolerance and driving adoption of enterprise standards across IT, OT, and Common security controls. This individual will engage in job duties outlined below, to enhance the resiliency of Exelon's and to promote our mission of safeguarding the people, property, reputation, and shareholder value of the corporation.

• Serve as the subject matter expert on security policies, procedures, and enterprise standards
• Provide guidance, direction, and advice to the security governance team to address new regulatory requirements and changes to internal controls
• Conduct security policy requirement obligation reviews and legal filings on behalf of the cyber compliance team
• Identify how and when internal processes need to be updated according to the latest Cybersecurity standards and regulations
• Guide and advise cross-functional teams on Cybersecurity standards and regulations and opportunities for improving their processes as a result
• Prepare, guide, and advise leadership on regulatory requirements in preparation for scheduled and ad hoc meetings with government agencies, state legislations, and other regulatory parties.
• Establish and maintain relationships with cybersecurity and technology stakeholders
• Attend external and internal security policy meetings and socialize learnings and next steps for leadership to escalate and respond to
• Prepare and lead Cybersecurity briefings and conduct follow-up tasks as necessary
• Prepare and execute ad hoc requests
• Promote thought leadership, professional growth, diversity, and inclusion; foster teamwork, collaboration, and a learning organization

Note: This is a hybrid position (in-office with remote flexibility). Employees are required to be in office at least three days per week (Tuesday, Wednesday, and Thursday) from our or Owings Mills, MD or Baltimore, MD office. This position is not eligible for relocation assistance.

Primary Duties

PRIMARY DUTIES AND ACCOUNTABILITIES

• Attend and provide feedback on policy drafting and issues management with the electric and gas trade organizations, Department of Energy, Department of Homeland Security, Transportation Security Administration, Secret Service, state, and local security hearings, committee meetings, and working team.
• Contribute to internal strategy decisions and prepare leadership to speak on cybersecurity topics and policies.
• Conduct security policy requirement obligation reviews and filings on behalf of the cyber compliance team.
• Prepare, guide, and advise leadership on regulatory requirements in preparation for scheduled and ad hoc meetings with government agencies, state legislations, and other regulatory parties.

Job Scope

JOB SCOPE

• Utilize keen understanding of business needs to determine requirements and help set direction
• Teach appropriate theories, practices and principles related to area of responsibility or functional area
• Make judicious decisions in familiar and new situations
• Contribute to strategic decisions and direction
• Manage budget specific to area of responsibility
• Work independently

Minimum Qualifications

MINIMUM QUALIFICATIONS

• Bachelor's degree
• 10+ years of experience in security governance, policy, or compliance or an equivalent combination of education and work experience.
• Experience leading and working within a collaborative, cross-functional, team-based environment
• Thorough comprehension of the Cybersecurity Risk Management Framework
• Knowledge of project management tools and techniques
• Strong judgement and excellent analytical ability with the ability to convey complex concepts to technical and non-technical audiences
• Excellent interpersonal, written and oral communications skills
• Strong organizational skills, detail oriented with the ability to handle competing priorities concurrently
• Strong sense of urgency with the ability to deliver quality work in a fast-paced environment
• Ability to work effectively with all levels of business management and with vendors and trade and government stakeholders

Preferred Qualifications

PREFERRED QUALIFICATIONS

• Advanced degree
• Knowledge of legal concepts and how it relates and/or conflicts with cybersecurity best practices
• Strong knowledge of business practices and processes related to security risk, security governance, security public policy, security assurance, or related fields
• Familiarity with leadership and management styles that align to Energy & Utilities
• Preferred certifications: CISSP, CCTHP, CISM, CEH, GSEC, GCIH

Benefits

Benefits

• Annual salary will vary based on a candidate's skills, qualifications, experience, and other factors: $147,200.00/Yr. - $202,400.00/Yr. plus an additional $25K in Long Term Incentive Plan annually.
• Annual Bonus for eligible positions: 25%
• 401(k) match and annual company contribution
• Medical, dental and vision insurance
• Life and disability insurance
• Generous paid time off options, including vacation, sick time, floating and fixed holidays, maternity leave and bonding/primary caregiver leave or parental leave
• Employee Assistance Program and resources for mental and emotional support
• Wellbeing programs such as tuition reimbursement, adoption and surrogacy assistance and fitness reimbursement
• Referral bonus program
• And much more

Note: Exelon-sponsored compensation and benefit programs may vary or not apply based on length of service, job grade, job classification or represented status. Eligibility will be determined by the written plan or program documents.