PPL Corporation Lead Cybersecurity Penetration Tester- Remote in Allentown, Pennsylvania
Lead Cybersecurity Penetration Tester- Remote
• Ability to conduct isolated and large scale assessments
• Familiarity with common pen testing tools and techniques
• Ability to utilize commercial and open source tools
• Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences
• Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
• Recognize and safely utilize attacker tools, tactics, and procedures
• Develop scripts, tools, or methodologies for testing purposes
• Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff
• Track and understand emerging cybersecurity practices and standards by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations
• Research information security standards, conducting system security and vulnerability analyses, and risk assessments, studying architecture/platform evolution
• Develop criteria to assess and validate IT security risks (e.g., DLP, IDS, NERC CIP) and relevant security architectures
• Ability to influence a significant transformation in the security practices across business technology platforms
• Assist in resolving security problems through the appropriate choice of error detection and correction, process control and improvement, or process design strategies
Leverage all available tools and use virtual presence to engage and coordinate work among teammates and peers.
This role will conduct penetration tests and provide recommendations for risk and vulnerability remediation. Additionally, will be involved in a wide range of security areas, including architectures, application testing, electronic data traffic, and network access. Recognized as an expert within the organization and works independently to skillfully balance security best practices against business drivers, with an evaluation of risk and cost. Uses extensive technical knowledge discipline to proactively solve unique and complex cybersecurity problems that have a broad impact on the business. Trains and develops technical staff. May supervise a limited number of individual contributors.
Candidates must meet the basic qualifications and pass all required tests or assessments to receive consideration.In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility form upon hire.
The company reserves the right to determine if this position will be assigned to work on-site, remotely, or a combination of both. Assigned work location may change. In the case of remote work, physical presence in the office/on-site may be required to engage in face-to-face interaction and coordination of work among direct reports and co-workers.
This position is a safety-sensitive role. Upon acceptance of a conditional offer, all individuals in safety-sensitive roles are obligated report the use of any medication that may impair their ability to perform the job in a safe manner.
Bachelor's degree and 7 years of related work experience OR 10 years of related work experience
Experience with NIST, NERC CIP, SOX and PCI requirements
Proven ability to prioritize and execute tasks
Highly self-motivated and directed with attention to detail
Easily adapts to changing circumstances
Understands business goals and strategic priorities
Promotes respect and can work effectively with diverse groups and environments
Equal Employment Opportunity:
Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.
Regular or Temporary:
Experience supporting fast-changing business organizations
NERC CIP Compliance Analysis Certification, System Operator Certification, Certified Information Systems Security Professional (CISSP), GIAC Critical Infrastructure Protection Security Certification
Full-time or Part-time:
As one of the largest investor-owned companies in the U.S. utility sector, PPL Corporation delivers on its promises to customers, investors, employees and the communities we serve. Our utilities – Western Power Distribution, Louisville Gas and Electric and Kentucky Utilities, and PPL Electric Utilities – provide an outstanding service experience for our customers, consistently ranking among the best in the United States and the United Kingdom. PPL has grown from a company with customers and facilities in one region of Pennsylvania to a diverse energy company with more than 10 million customers in the U.S. and the U.K. PPL provides energy for millions of customers while providing challenging and rewarding careers for thousands of employees around the U.S. and abroad. Follow PPL Corporation on social mediaTwitter: @PPL_Corporation (https://twitter.com/PPL_Corporation)LinkedIn (https://www.linkedin.com/company/ppl-corporation)Follow PPL Electric Utilities on social mediaTwitter: @PPLElectric (https://twitter.com/PPLElectric)Facebook (www.facebook.com/PPLElectric)
- PPL Corporation Jobs