Location: Allentown,PA, USA
Company Summary StatementAs one of the largest investor-owned utility companies in the United States, PPL Corporation (NYSE: PPL), is committed to creating long-term, sustainable value for our 3.5 million customers, our shareowners and the communities we serve. Our high-performing regulated utilities — PPL Electric Utilities, Louisville Gas and Electric, Kentucky Utilities and Rhode Island Energy — provide an outstanding experience for our customers, consistently ranking among the best utilities in the nation. PPL's companies are also addressing challenges head-on by investing in new infrastructure and technology that is creating a smarter, more reliable and resilient energy grid. We are committed to doing our part to advance a cleaner energy future and drive innovation that enables us to achieve net-zero carbon emissions by 2050 while maintaining energy reliability and affordability for the customers and communities we serve. PPL is a positive force in the cities and towns where we do business, providing support for programs and organizations that empower the success of future generations by helping to build and maintain strong, diverse communities today.OverviewThe Cybersecurity organization advances the overall state of security at PPL through critical initiatives and coordination of large security and customer-focused projects. The organization builds and procures technologies, tools, and processes to better enable teams at PPL to develop secure platforms and protect data and systems with appropriate security controls. IT Cybersecurity also develops systems to monitor and respond to attacks against our systems, provides educational awareness to the corporation on security best practices, and ensures data sharing relationships with third parties securely protect PPL information.PPL is seeking a highly skilled Network Security Principal Architect to join our Cybersecurity organization. In this role, you will work closely with our Information Technology and Cybersecurity team to ensure the security and configuration of the PPL network. You will have direct responsibility to lead the network security strategy in addition to using and monitoring cyber technology in the network layer. You will provide expert guidance, conduct security assessments, and provide detailed design and implementation of secure network architecture. If you are passionate about network security and have a deep understanding of cybersecurity, architecture, infrastructure, risk, and compliance, this position is ideal for you. #LI-HybridResponsibilitiesDesign and document secure network architectures that meet the organization's functional and security requirements.Administer, Design, Evaluate, and/or Implement network security controls, including firewalls, intrusion detection/prevention(IDS/IPS), and access control lists (ACLs).Design, implement, and/or monitornetwork access controls to ensure only authorized devices and users can access the network.Develop and maintain established security requirements and best practices for secure network design.Evaluate, implement, and manage security tools and technologies that enhance the security posture of the networkResponsible for the governance of Network Security policies, procedures, and standards.Conduct risk assessments to identify potential vulnerabilities and threats.Perform security reviews of architecture, infrastructure, and applications, identify gaps, develop a security risk management plan, and execute strategies to mitigate/address identified risk.Collaborate with cross-functional teams to integrate security controls and processes into network infrastructure.Offer technical guidance and support to network infrastructure teams.Provide guidance, coaching, and support in the development of junior staff members.Serve as a Subject Matter Expert on Network Security related topics, best practices, emerging technologies and the evolving threat landscape.All other duties and projects as assigned.QualificationsEducationBachelor's degree in Computer Science, Information Security, and/or a related field or an equivalent level of work related experience.ExperienceA minimum of 10+ years of cybersecurity and/or Information Technology experience in the network security architecture and design.Strong understanding of IDS/IPS, Firewalls(including WAFs), VPNs, ACLs, and DDOS protectionDeep understanding of network protocols including TCP/IP, UDP, HTTP, HTTPS, FTP, and DNS.Expertise in packet-level and network traffic analysis and solutions to support those functions.Extensive experience in developing and maintainingnetwork security solutions such as software defined networks (SDN), Network Function Virtualization(NFV) and Network segmentationExperience in participating in Incident Response activities and exercisesExperience in conducting investigations and communicating results to managementExperience in Security and/or Regulatory Frameworks such as NISTExperience working in Agile teams and have knowledge of Agile principles and practices.Strong leadership, communication, and interpersonal skills.Collaborative and effective in cross-functional team environments.Strong analytical skills to assess risks and vulnerabilities in complex systems.Preferred QualificationsExperience with cloud based security solutionsExperience with SIEM toolsExperience utilizing the Scaled Agile Framework (SAFe)Relevant industry certifications (e.g,IBMQRadar Certified Administrator, Certified Network Security Architect (CNSA), Cisco Certified Network Associate Security (CCNA Security), Palo Alto Networks Certified Network Security Engineer (PCNSE))Certification in Cybersecurity is a plus (e.g., CISSP, CISM, CEH).EducationBachelor's degree in Computer Science, Information Security, and/or a related field or an equivalent level of work related experience.ExperienceA minimum of 10+ years of cybersecurity and/or Information Technology experience in the network security architecture and design.Strong understanding of IDS/IPS, Firewalls(including WAFs), VPNs, ACLs, and DDOS protectionDeep understanding of network protocols including TCP/IP, UDP, HTTP, HTTPS, FTP, and DNS.Expertise in packet-level and network traffic analysis and solutions to support those functions.Extensive experience in developing and maintainingnetwork security solutions such as software defined networks (SDN), Network Function Virtualization(NFV) and Network segmentationExperience in participating in Incident Response activities and exercisesExperience in conducting investigations and communicating results to managementExperience in Security and/or Regulatory Frameworks such as NISTExperience working in Agile teams and have knowledge of Agile principles and practices.Strong leadership, communication, and interpersonal skills.Collaborative and effective in cross-functional team environments.Strong analytical skills to assess risks and vulnerabilities in complex systems.Preferred QualificationsExperience with cloud based security solutionsExperience with SIEM toolsExperience utilizing the Scaled Agile Framework (SAFe)Relevant industry certifications (e.g,IBMQRadar Certified Administrator, Certified Network Security Architect (CNSA), Cisco Certified Network Associate Security (CCNA Security), Palo Alto Networks Certified Network Security Engineer (PCNSE))Certification in Cybersecurity is a plus (e.g., CISSP, CISM, CEH).Design and document secure network architectures that meet the organization's functional and security requirements.Administer, Design, Evaluate, and/or Implement network security controls, including firewalls, intrusion detection/prevention(IDS/IPS), and access control lists (ACLs).Design, implement, and/or monitornetwork access controls to ensure only authorized devices and users can access the network.Develop and maintain established security requirements and best practices for secure network design.Evaluate, implement, and manage security tools and technologies that enhance the security posture of the networkResponsible for the governance of Network Security policies, procedures, and standards.Conduct risk assessments to identify potential vulnerabilities and threats.Perform security reviews of architecture, infrastructure, and applications, identify gaps, develop a security risk management plan, and execute strategies to mitigate/address identified risk.Collaborate with cross-functional teams to integrate security controls and processes into network infrastructure.Offer technical guidance and support to network infrastructure teams.Provide guidance, coaching, and support in the development of junior staff members.Serve as a Subject Matter Expert on Network Security related topics, best practices, emerging technologies and the evolving threat landscape.All other duties and projects as assigned.Remote WorkThe company reserves the right to determine if this position will be assigned to work on-site, remotely, or a combination of both. Assigned work location may change. In the case of remote work, physical presence in the office/on-site may be required to engage in face-to-face interaction and coordination of work among direct reports and co-workers.Equal Employment OpportunityOur company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.