Lead Cybersecurity Engineer Job at PPL in Providence
PPL, Providence, RI, United States
Company Summary Statement As one of the largest investor-owned utility companies in the United States, PPL Corporation (NYSE: PPL), is committed to creating long-term, sustainable value for our 3.5 million customers, our shareowners and the communities we serve. Our high-performing regulated utilities — PPL Electric Utilities, Louisville Gas and Electric, Kentucky Utilities and Rhode Island Energy — provide an outstanding experience for our customers, consistently ranking among the best utilities in the nation. PPL’s companies are also addressing challenges head-on by investing in new infrastructure and technology that is creating a smarter, more reliable and resilient energy grid. We are committed to doing our part to advance a cleaner energy future and drive innovation that enables us to achieve net-zero carbon emissions by 2050 while maintaining energy reliability and affordability for the customers and communities we serve. PPL is a positive force in the cities and towns where we do business, providing support for programs and organizations that empower the success of future generations by helping to build and maintain strong, diverse communities today. Overview The Cybersecurity organization advances the overall state of security at PPL through critical initiatives and coordination of large security and customer-focused projects. The organization builds and procures technologies, tools, and processes to better enable teams at PPL to develop secure platforms and protect data and systems with appropriate security controls. IT Cybersecurity also develops systems to monitor and respond to attacks against our systems, provides educational awareness to the corporation on security best practices, and ensures data sharing relationships with third parties securely protect PPL information. PPL is seeking a highly skilled Lead Engineer to join our Cybersecurity organization. In this role, you will work closely within our engineering team as well as cross functionally with other teams within Information Technology to ensure cybersecurity has the tools necessary to succeed. You will have direct responsibility for the usage, monitoring, and maintenance of the cyber technology used by the team, completing tool health assessments, and conducting reviews to identify opportunities for improvement. If you are passionate about setting up data security infrastructure, ensuring the technology is running optimally and efficiently, and working with teams to improve processes, this position is ideal for you. #LI-Hybrid Responsibilities Develop and maintainpolicies, procedures and/or standards for the health of cybersecurity solutions Perform Tool Health Assessments to identify both security and operational related issues Manage, configure, and monitortools and underlying infrastructure to ensure patches and/or updates are applied in accordance with policy and procedure Tune configurationsto maximize efficiency while accounting for stakeholder needs. Research and evaluate alternative security solutions to determine feasibility and suitability Create metrics to report on the overall health of security solutions Establish relationships and communicate with vendors to obtain timely support and resolve issues Conduct regular reviews of relevant applications and underlying infrastructure to identify areas for improvement. Assist relevant parties on identified gaps in the technology stack based on analysis and execute strategies to mitigate/address the risk. Identify and apply strategies to optimize resource utilization and minimize cost Collaborate with cross-functional teams to ensure the solutions are providing value and operatingin accordance with expectations All other duties and projects as assigned. Qualifications Education Bachelor’s degree in Computer Science, Information Security, and/or a related field or an equivalent level of work related experience. Experience A minimum of 7+ years of cybersecurity experience in the configuration and support ofcybersecurity related applications and infrastructure Proficiency in completing tool health assessments including performance, functionality, security, compatibility, user experience, and maintenance assessments. Experience completing necessary documentation to comply with Configuration and Change Management processes Experience in managing and configuring SIEMs, Antivirus, anti-malware, IDS/IPS, endpoint security solutions. Experience in consolidating tools and/or standardizing configurations across different environments. Experience in establishing relationships with vendors to resolve issues Knowledge of various enterprise technology stacks used to build applications in the cloud Experience in Security and/or Regulatory Frameworks such as NIST, CIS Benchmarks, SOX, NERC CIP, etc. Strong analytical skills to assess risks and vulnerabilities in complex systems. Strong leadership, communication, and interpersonal skills. Collaborative and effective in cross-functional team environments. Preferred Qualifications Certification in Cybersecurity (e.g., CISSP, CISM,etc) is preferred. Experience working in Agile teams and have knowledge of Agile principles and practices. Experience utilizing the Scaled Agile Framework (SAFe) Understanding of data analytics, artificial intelligence, and machine learning concepts Proficiency in scripting and automation for security testing. Education Bachelor’s degree in Computer Science, Information Security, and/or a related field or an equivalent level of work related experience. Experience A minimum of 7+ years of cybersecurity experience in the configuration and support ofcybersecurity related applications and infrastructure Proficiency in completing tool health assessments including performance, functionality, security, compatibility, user experience, and maintenance assessments. Experience completing necessary documentation to comply with Configuration and Change Management processes Experience in managing and configuring SIEMs, Antivirus, anti-malware, IDS/IPS, endpoint security solutions. Experience in consolidating tools and/or standardizing configurations across different environments. Experience in establishing relationships with vendors to resolve issues Knowledge of various enterprise technology stacks used to build applications in the cloud Experience in Security and/or Regulatory Frameworks such as NIST, CIS Benchmarks, SOX, NERC CIP, etc. Strong analytical skills to assess risks and vulnerabilities in complex systems. Strong leadership, communication, and interpersonal skills. Collaborative and effective in cross-functional team environments. Preferred Qualifications Certification in Cybersecurity (e.g., CISSP, CISM,etc) is preferred. Experience working in Agile teams and have knowledge of Agile principles and practices. Experience utilizing the Scaled Agile Framework (SAFe) Understanding of data analytics, artificial intelligence, and machine learning concepts Proficiency in scripting and automation for security testing. Develop and maintainpolicies, procedures and/or standards for the health of cybersecurity solutions Perform Tool Health Assessments to identify both security and operational related issues Manage, configure, and monitortools and underlying infrastructure to ensure patches and/or updates are applied in accordance with policy and procedure Tune configurationsto maximize efficiency while accounting for stakeholder needs. Research and evaluate alternative security solutions to determine feasibility and suitability Create metrics to report on the overall health of security solutions Establish relationships and communicate with vendors to obtain timely support and resolve issues Conduct regular reviews of relevant applications and underlying infrastructure to identify areas for improvement. Assist relevant parties on identified gaps in the technology stack based on analysis and execute strategies to mitigate/address the risk. Identify and apply strategies to optimize resource utilization and minimize cost Collaborate with cross-functional teams to ensure the solutions are providing value and operatingin accordance with expectations All other duties and projects as assigned. Remote Work The company reserves the right to determine if this position will be assigned to work on-site, remotely, or a combination of both. Assigned work location may change. In the case of remote work, physical presence in the office/on-site may be required to engage in face-to-face interaction and coordination of work among direct reports and co-workers. Equal Employment Opportunity Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.