PPL Corporation Supervisor- IT Security Operations Center in Allentown, Pennsylvania



Supervisor- IT Security Operations Center

Primary Responsibilities:

Management Domain:

  • Direct program for vulnerability and threat monitoring

  • Oversee program to investigate, report, and respond to network security risks to PPL

People Leadership:

  • Assist Director and Managers as they align the new PPL IT vision and direction with the task of supporting critical IT / OT infrastructure

  • Coach and mentor employees, providing specific, timely, and constructive performance feedback

  • Collect staff performance data against established service levels

General Management & Decision Making:

  • Provide day-to-day leadership and operational management in area of responsibility

  • Execute objectives, plans, and policies for area of responsibility in line with Enterprise and IT Organization level strategy

  • Simultaneously help coordinate resourcing and impact of multiple projects that are within area of responsibility

  • Provide input to manager on employee performance, and on specific unit operations

  • Be on the lookout for new opportunities to leverage technology for continuous improvement and outsourced services for greater efficiency

Financial Oversight:

  • Contribute to the development of budgets for area of responsibility and assists in the preparation of operational plans for the IT department

  • Oversee area of responsibility to adhere to approved budgets


  • Assist in communications that involve coordinating support and issue resolution or require a high level of interpersonal and negotiation skills

  • Utilize negotiation and persuasion to come to agreement with others


  • In-person supervision of employees to ensure compliance with FLSA wage and hour issues as well as to monitor compliance with safety rules.

  • Physical presence in the office/on-site to engage in face-to-face interaction and coordination of work among direct reports and co-workers.

  • May be assigned an Electric Utilities emergency and storm role. This is a special assignment that comes into play during storms and other emergencies when the company needs to restore power or respond to other issues affecting customer service. This role may necessitate the need to work after-hours, outside of your normal schedule.

Requisition ID:


Position Summary:

The Supervisor- Security Operations Center (SOC), under direct supervision of the Manager- Fusion Ops Center, has first-line supervisory responsibility for the Security Operations Center (SOC).

This Supervisor- Security Operations Center (SOC) position provides the opportunity to work in a dedicated network defense environment with focus on threat identification and mitigation to ensure defensive resiliency. This role oversees threat monitoring analysts who are primarily responsible for network defense to include monitoring of the SIEM and security technologies to verify potential threat activity. This role will also oversee the development and refinement of investigative and communication workflows. Daily activities will include supporting and supervising SOC analysts in their analysis of network logs, processing of mitigations, and determination and escalation of threat detections.

Candidate Qualifications:

Candidates must meet the basic qualifications and pass all required tests or assessments to receive consideration.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility form upon hire.

Experience Level:


Recruiting Location:


Basic Qualifications:

  1. Bachelor's degree and 3 years of related work experience.

  2. Experience working in a Security Operations Center or similar environment providing threat monitoring, intrusion detection, analysis, threat determination, and mitigations processing and tracking.

  3. Hands-on experience performing Threat Monitoring, Incident Response, or Cyber Threat Intelligence functions.

  4. Previous experience triaging threats derived from various intakes to include security technology alerts, user reported tickets, and other PPL organizations.

  5. Experience working with analysis techniques, identifying indicators of compromise, threat hunting, and identification of intrusions and potential incidents.

  6. Experience working across organizational lines of business to implement mitigations, remediations, and countermeasures resulting from cyber threat intrusions.

  7. Knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and the motivations that drive them.

  8. Ability to successfully communicate and transfer knowledge to others.

  9. Previous experience working with and documenting analysis results in a knowledge and/or intelligence management system.

  10. Previous experience working with various network and system security technologies to include SIEM (such as Splunk ES, Securonix, IBM QRadar, HP ArcSight, and/or McAfee ESM/Nitro), data analytics platforms, endpoint tools, network technologies and appliances, etc.

  11. Experience with integrating industry-recognized network defense frameworks (e.g., MITRE ATT&CKTM, Lockheed Martin Cyber Kill Chain®, Diamond Model, etc.) into network defense processes.

  12. Ability to evangelize security concepts to a wide audience and influence decision-making processes.

  13. Strong communication (both verbal and written) with experience briefing corporate executives and professionals

  14. Must be self-motivated and able to lead others to achieve successful outcomes.

Equal Employment Opportunity:

Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.

Regular or Temporary:


Preferred Qualifications:

  1. Master’s Degree in Cyber Security or IT-related field.

  2. Utilities or energy experience.

  3. Familiarity with DLP, SIEM, NIDS/NIPS, HIDS/HIPS, and endpoint protection suite

  4. Certifications: CISSP, GCIH, GCFA, GCFE, GMON, GSEC, or other relevant security certifications.

  5. Experience working with network tools and technologies such as firewall (FW), proxies, IPS/IDS devices, full packet capture (FPC), and email platforms.

  6. Knowledge of security best practices in hardening and protecting networks, servers, endpoints, applications, and databases.

  7. Experience managing cyber security functions, strategy, and risk within Fortune 500 companies, or providing those services in a consulting capacity.

  8. Knowledge of industrial control systems, compliance standards (e.g., NERC CIP), and related cyber security standards (e.g., IEC 62443).

Full-time or Part-time:


Corporate Summary:

As one of the largest investor-owned companies in the U.S. utility sector, PPL Corporation delivers on its promises to customers, investors, employees and the communities we serve. Our utilities – Western Power Distribution, Louisville Gas and Electric and Kentucky Utilities, and PPL Electric Utilities – provide an outstanding service experience for our customers, consistently ranking among the best in the United States and the United Kingdom. PPL has grown from a company with customers and facilities in one region of Pennsylvania to a diverse energy company with more than 10 million customers in the U.S. and the U.K. PPL provides energy for millions of customers while providing challenging and rewarding careers for thousands of employees around the U.S. and abroad. Follow PPL Corporation on social mediaTwitter: @PPLCorporation (https://twitter.com/PPLCorporation)LinkedIn (https://www.linkedin.com/company/ppl-corporation)Follow PPL Electric Utilities on social mediaTwitter: @PPLElectric (https://twitter.com/PPLElectric)Facebook (www.facebook.com/PPLElectric)