Troops to Energy Jobs

Job Information

PPL Corporation Lead Identity Access Management Engineer- Remote in Allentown, Pennsylvania

6336BR

Internal Title:

Lead Identity Access Management Engineer- Remote

Primary Responsibilities:

Leads projects, analyzes and solves complex problems, and recommends solutions in support of the IAM program detailed in the below areas.

1. IAM Program

a. Design and implement new business solutions that automates the administration of user access to business systems and applications.

b. Support and implement role-based access program for all types of logical access.

c. Create architecture and design based on requirements.

d. Create custom drivers, API integration, AD scripting, and SQL integration to Oracle and Microsoft SQL databases to implement the designed solutions.

e. Develop test cases and deployment documentation.

f. Deploy and support the Production environment and participate in an on-call rotation.

g. Develop and implement an ongoing regimen of software updates to assure the platform is secure, stable and efficient.

h. Develop audit and attestation processes to improve system governance.

i. Perform recurring system administration tasks and serve as the primary support for MicroFocus IDM, RSA Identity Lifecycle and Governance, and internally developed IAM systems to assure system stability, reliable business processes and positive end-user experience.

j. Serve as an SME of the IAM support applications such IDM, RSA Identity Lifecycle and Governance, CyberArk, and multiple internally developed IAM applications.

k. Provide troubleshooting of complex systems and application problems and issues.

l. Provide support and design of privileged access management program, including analysis of account privileges and automated password change development. Support compliance processes for federal compliance programs, including NERC CIP, SOX, and FERC.

m. Monitor systems performance and troubleshoot problem areas as needed.

n. Monitor service request queues and respond to requests.

o. Build and maintain strong cross-functional relationships across the organization to help with expectation setting, training and awareness, and promote consistency and improvement in our processes

p. Find opportunities to continuously improve the program through innovation with tangible value to the organization

q. Be an inspiring leader in Information Security and align initiatives with business objectives of the company

2. General Security

a. Track and understand emerging security practices and standards by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations

b. Research information security standards; conducting security patching; identifying integration issues

c. Maintain security by monitoring, ensuring compliance to standards, policies, and procedures; participating in incident response analyses; and conducting training programs

d. Assist in resolving security problems through the appropriate choice of error detection and correction, process control and improvement, or process design strategies

3. Cybersecurity

a. Integrate technical, managerial, and financial considerations when sponsoring solutions

b. Assist in the proactive identification of potential network threats and cyber threats, and recommend preemptive remedial actions

c. Monitor and track incidents related to network access, network intrusion, cyber security, and regulatory compliance

d. Ensure that PPL EU systems and data management protocols adhere to regulatory requirements

  1. May be assigned an Electric Utilities emergency and Storm role. This is a special assignment that comes into play during storms and other emergencies when the company needs to restore power or respond to other issues affecting customer service. This role may necessitate the need to work after-hours outside of your normal schedule.

  2. The company reserves the right to determine if this position will be assigned to work on-site, remotely, or a combination of both. Assigned work location may change. In the case of remote work, physical presence in the office/on-site may be required to engage in face-to-face interaction and coordination of work among direct reports and co-workers.

Requisition ID:

6336BR

Position Summary:

The IT Cybersecurity organization advances the overall state of security at PPL EU through critical initiatives and coordination of large security and customer-focused projects. The organization builds and procures technologies, tools, and processes to better enable teams at PPL EU to develop secure platforms and protect data and systems with appropriate security controls. IT Cybersecurity also develops systems to monitor and respond to attacks against our systems, provides awareness education to the corporation on security best practices, and ensures data sharing relationships with third parties securely protect PPL information. This role will be part of the IT Cybersecurity – IAM team, which focuses on building out and supporting the IAM product at PPL. This program is responsible for all user access provisioning and de-provisioning, role-based access (RBAC), and privileged access management (PAM).

The Lead level is recognized as an expert in own area within the organization and works independently, under minimal guidance from supervisors. The Cybersecurity Lead IAM Engineer is responsible for supporting and leading the IAM program.

Candidate Qualifications:

Candidates must meet the basic qualifications and pass all required tests or assessments to receive consideration.In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility form upon hire.

Experience Level:

Professional

Recruiting Location:

PA-Allentown

Additional Requirements:

The company reserves the right to determine if this position will be assigned to work on-site, remotely, or a combination of both. Assigned work location may change. In the case of remote work, physical presence in the office/on-site may be required to engage in face-to-face interaction and coordination of work among direct reports and co-workers.

This position is a safety-sensitive role. Upon acceptance of a conditional offer, all individuals in safety-sensitive roles are obligated report the use of any medication that may impair their ability to perform the job in a safe manner.

Basic Qualifications:

  1. Bachelor's degree and 7 years of related work experience OR 10 years of related work experience

  2. Demonstrated understanding of IAM processes, Enterprise SSO, Federation, Privilege User Management, Authentication Methods, Entitlement Management, Delegated Administration, as well as the full scope of user account provisioning and lifecycle.

  3. Understanding of the components necessary to implement and maintain a successful enterprise IAM program and a willingness to champion those requirements.

  4. Understanding of NERC CIP compliance, NIST Cybersecurity Framework, and Sarbanes-Oxley Act

  5. Proven ability to prioritize and execute tasks

  6. Highly self-motivated and directed with attention to detail

  7. Easily adapts to changing circumstances

  8. Understands business goals and strategic priorities

  9. A critical problem solver, detailed oriented, and highly motivated self-starter with a passion for constant learning & improvement

  10. Able to communicate relevant information clearly and concisely, both verbally and in writing

  11. Able to work efficiently with minimal oversight/direction and collaborate effectively in cross functional projects

Equal Employment Opportunity:

Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.

Regular or Temporary:

Regular

Preferred Qualifications:

  1. Experience building, owning, and executing an IAM program in IT, utilities, or other major area.

  2. Experience with object-oriented languages, VB.NET, Java scripting.

  3. Well versed in SQL and LDAP query logic for Oracle and Microsoft SQL database platforms.

  4. Experience in database design, data modeling, stored database object development, PL/SQL scripting, UNIX/LINUX shell scripting, PowerShell scripting, and VB scripting.

  5. Ability to install, modify and support hardware and software components of identity management (IDM) infrastructure. Experience in all elements of general system administration - Windows OS, UNIX/LINUX OS, SQL, Oracle, Microsoft AD, etc.

  6. Experience with NIST, NERC CIP, and SOX requirements

  7. Able to discuss issues at technical and business levels with audiences of various backgrounds

  8. Have great people skills and able to flourish under pressure and ambiguity in a fast-paced team environment

  9. Related work experience building and supporting an IAM program as a technical resource and a process owner that champions the product vision for process improvements and supports the current process.

Full-time or Part-time:

Full-Time

Corporate Summary:

Corporate Job Summary Required

DirectEmployers