Company Summary Statement
As one of the largest investor-owned utility companies in the United States, PPL Corporation (NYSE: PPL), is committed to creating long-term, sustainable value for our 3.5 million customers, our shareowners and the communities we serve. Our high-performing regulated utilities - PPL Electric Utilities, Louisville Gas and Electric, Kentucky Utilities and Rhode Island Energy - provide an outstanding experience for our customers, consistently ranking among the best utilities in the nation. PPL's companies are also addressing challenges head-on by investing in new infrastructure and technology that is creating a smarter, more reliable and resilient energy grid. We are committed to doing our part to advance a cleaner energy future and drive innovation that enables us to achieve net-zero carbon emissions by 2050 while maintaining energy reliability and affordability for the customers and communities we serve. PPL is a positive force in the cities and towns where we do business, providing support for programs and organizations that empower the success of future generations by helping to build and maintain strong, diverse communities today.
Overview
NOTE: This role is hybrid requiring 3 days a week onsite at one of our local offices in: Allentown, PA; Louisville, KY or Providence, RI. #LI-Hybrid #INDPPL
The IT Security Systems Analyst will leverage tools to perform vulnerability and threat monitoring. Investigates, responds to, and reports on network and security risks to PPL EU tools which include but are not limited to SIEM, NIDS/NIPS, and HIDS/HIPS suites. This position is required to do shift work. The Senior level performs assigned tasks under minimal guidance from supervisor. Additionally, this role is responsible for supporting firewall security operations, including interpreting, reviewing, and assessing firewall rules for security risk, ensuring alignment with cybersecurity standards, and least privilege principles.
Responsibilities
Essential Functions:
Performs a variety of complex assignments (may lead some projects) and analyzes and solves complex problems in the below areas.
Network and Cyber Threat Monitoring:
Conduct ongoing review of multiple systems and sources to detect network access, network intrusion, information integrity, and NERC CIP compliance risks
Investigate network security events, conducting root-cause analysis to identify threats for recurring incidents
Monitor and track incidents related to network access, network intrusion, cybersecurity, and NERC CIP regulatory compliance
Corrective Actions:
Troubleshoot, diagnose network problems, and implement corrective action within prescribed guidelines to mitigate impact to business continuity
Support restoration of secure network services as quickly as possible while limiting business impact
Report network incidents, cybersecurity incidents, and NERC CIP compliance risks
Assist in minor network or system configuration changes to improve system security and meet NERC CIP compliance requirements
Recommend and implement firewall rule tuning or configuration changes to mitigate identified risks and improve security posture
Assist in firewall policy remediation efforts to address audit findings, compliance gaps, or identified vulnerabilities
Interpret, review, and analyze firewall rules to identify security risks, misconfigurations, overly permissive access, and compliance gaps
Perform risk-based reviews of firewall rule requests and existing rule sets to ensure adherence to security standards and least privilege access
Support firewall governance processes, including intake validation, rule lifecycle management (create/modify/remove), and periodic recertification activities
Conduct firewall rule reviews to identify redundant, shadowed, or unused rules and recommend remediation actions
Assess firewall configurations against security baselines and hardening standards to reduce attack surface
Collaborate with network, infrastructure, and OT teams to ensure firewall changes are properly designed, tested, and implemented with minimal business risk
Utilize firewall management and policy analysis tools (e.g., FireMon, AlgoSec) to evaluate rule effectiveness, policy compliance, and risk exposure
Support incident response efforts by analyzing firewall logs and rule behavior to determine potential threat activity or unauthorized access paths
Develop and maintain documentation related to firewall policies, standards, and review procedures
Performs other duties as assigned
Complies with all policies and standards
Qualifications
Required Experience:
Preferred Qualifications: