Corporate Summary As one of the largest investor-owned companies in the U.S. utility sector, PPL Corporation delivers on its promises to customers, investors, employees and the communities we serve. Our utilities ndash Western Power Distribution, Louisville Gas and Electric and Kentucky Utilities, and PPL Electric Utilities ndash provide an outstanding service experience for our customers, consistently ranking among the best in the United States and the United Kingdom. PPL has grown from a company with customers and facilities in one region of Pennsylvania to a diverse energy company with more than 10 million customers in the U.S. and the U.K. PPL provides energy for millions of customers while providing challenging and rewarding careers for thousands of employees around the U.S. and abroad. Follow PPL Corporation on social mediaTwitter PPLCorporation (PPLCorporation)LinkedIn (companyppl-corporation)Follow PPL Electric Utilities on social mediaTwitter PPLElectric (PPLElectric)Facebook (PPLElectric) Experience Level Professional Regular or Temporary Regular Full-time or Part-time Full-Time Position Summary Position located in Allentown, PA or Washington, D.C. The Security Specialist is responsible for activities within assigned functional area Cyber Security Manages threat vulnerability management (IDS), active defense and response, security analytics, and security incident management. Data Security Responsible for data access controls, data loss prevention, data encryption and key management, data privacy and regulatory requirements, and data access audits. IT Access Mgmt. Creates and manages the policies, tools, and activities that promote permission-based access to information, identity verification, IDM, user personal information protection, and role management. The Associate level uses established procedures under immediate guidance and instruction from supervisor or more senior level IT Security Specialists. (Grade 20) The Intermediate level uses established procedures under moderate guidance and direction from supervisor or more senior level IT Security Specialists. (Grade 19) The Senior level performs assigned tasks under minimal guidance from supervisor. (Grade 17) Primary Responsibilities The Associate level performs routine assignments using established procedures in the below areas. The Intermediate level performs a variety of assignments and solves problems using established procedures in the below areas. The Senior level performs a variety of complex assignments (may lead some projects) and analyzes and solves complex problems in the below areas. General Security Track and understand emerging security practices and standards by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations Research information security standards conducting system security and vulnerability analyses and risk assessments identifying integration issues Develop criteria to assess and validate IT security risks (e.g., DLP, IDS, NERC CIP) and relevant security architectures Assess security system performance by conducting tests (e.g., penetration testing) Maintain security by monitoring, ensuring compliance to standards, policies, and procedures conducting incident response analyses and conducting training programs Upgrades security systems by monitoring security environment identifying security gaps evaluating and implementing enhancements Prepares system security reports by collecting, analyzing, and summarizing data and trends Assist in resolving security problems through the appropriate choice of error detection and correction, process control and improvement, or process design strategies Cyber Security Utilize intrusion detection systems (IDSrsquos) to monitor network system (LANs, WANs, VPNs, routers, firewalls, and related security and network devices) for indicators of compromise (IOCs) Integrate technical, managerial, and financial considerations when sponsoring solutions Network and Data Security Conduct ongoing review of multiple systems and sources to detect network access, network intrusion, and information integrity compliance risks Proactively identify potential network threats and cyber threats, and recommend preemptive remedial actions Investigate network security events, conducting root-cause analysis to identify threats for recurring incidents Monitor and track incidents related to network access, network intrusion, cyber security, and regulatory compliance Troubleshoot, diagnose network problems, and implement corrective action within prescribed guidelines to mitigate impact to business continuity Support restoration of secure network services as quickly as possible while limiting business impact Assist in minor network or system configuration changes to improve system security and meet regulatory requirements Ensure that PPL EU systems and data management protocols adhere to regulatory requirements Conduct activities related to data loss prevention (DLP), data encryption, key management, data privacy and regulatory requirements, and data access audits IT Access Management Research, design, and implement Identity and Access Management (IAM) solutions for systems to ensure the appropriate context-based and permission-based security policies are enforced on users and their devices and real-time Conduct activities pertaining to identity verification, IDM, user personal information protection, and role management Physical presence in the officeon-site to engage in face-to-face interaction and coordination of work among direct reports and co-workers. May be assigned an Electric Utilities emergency and storm role. This is a special assignment that comes into play during storms and other emergencies when the company needs to restore power or respond to other issues affecting customer service. This role may necessitate the need to work after-hours, outside of your normal schedule. Candidate Qualifications Candidates must meet the basic qualifications and pass all required tests or assessments to receive consideration. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility form upon hire. Basic Qualifications Bachelor's degree OR 4 years of related work experience (Associate level requirement) Bachelor's degree and 2 years of related work experience OR 6 years of related work experience (Intermediate level requirement) Bachelor's degree and 5 years of related work experience OR 8 years of related work experience (Senior level requirement) Understanding of the advanced persistent threat (APT) kill chain Understanding of hackeradvanced persistent threat (APT) tactics, techniques, and procedures (TTPs) Understanding and analysis of event logging from many different devices Understanding of malware and malware behavior Proven ability to prioritize and execute tasks Highly self-motivated and directed with attention to detail Easily adapts to changing circumstances Understands business goals and strategic priorities Preferred Qualifications NERC CIP Compliance Analysis Certification, System Operator Certification, GIAC Critical Infrastructure Protection Security Certification Splunk or similar SIEM experience creating searches and understanding how to pivot in the data fields to investigate Ability to perform packet analysis Ability to mine and respond to Indicators of Compromise (IOCs) Experience with NIST, NERC CIP, SOX and PCI requirements Experience supporting fast-changing business organizations Equal Employment Opportunity Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.
Associated topics: cybersecurity, idm, information security, malicious, security, security analyst, security engineer, security officer, threat, vulnerability