NOTE: This role is hybrid requiring 3 days a week onsite at one of our local offices in: Allentown, PA; Louisville, KY or Providence, RI. #LI-Hybrid
The IT Security Systems Analyst will leverage tools to perform vulnerability and threat monitoring. Investigates, responds to, and reports on network and security risks to PPL EU tools which include but are not limited to SIEM, NIDS/NIPS, and HIDS/HIPS suites. This position is required to do shift work. The Senior level performs assigned tasks under minimal guidance from supervisor. Additionally, this role is responsible for supporting firewall security operations, including interpreting, reviewing, and assessing firewall rules for security risk, ensuring alignment with cybersecurity standards, and least privilege principles.
Responsibilities
Essential Functions:
- Performs a variety of complex assignments (may lead some projects) and analyzes and solves complex problems in the below areas.
- Network and Cyber Threat Monitoring:
- Conduct ongoing review of multiple systems and sources to detect network access, network intrusion, information integrity, and NERC CIP compliance risks
- Investigate network security events, conducting root-cause analysis to identify threats for recurring incidents
- Monitor and track incidents related to network access, network intrusion, cybersecurity, and NERC CIP regulatory compliance
- Corrective Actions:
- Troubleshoot, diagnose network problems, and implement corrective action within prescribed guidelines to mitigate impact to business continuity
- Support restoration of secure network services as quickly as possible while limiting business impact
- Report network incidents, cybersecurity incidents, and NERC CIP compliance risks
- Assist in minor network or system configuration changes to improve system security and meet NERC CIP compliance requirements
- Recommend and implement firewall rule tuning or configuration changes to mitigate identified risks and improve security posture
- Assist in firewall policy remediation efforts to address audit findings, compliance gaps, or identified vulnerabilities
- Interpret, review, and analyze firewall rules to identify security risks, misconfigurations, overly permissive access, and compliance gaps
- Perform risk-based reviews of firewall rule requests and existing rule sets to ensure adherence to security standards and least privilege access
- Support firewall governance processes, including intake validation, rule lifecycle management (create/modify/remove), and periodic recertification activities
- Conduct firewall rule reviews to identify redundant, shadowed, or unused rules and recommend remediation actions
- Assess firewall configurations against security baselines and hardening standards to reduce attack surface
- Collaborate with network, infrastructure, and OT teams to ensure firewall changes are properly designed, tested, and implemented with minimal business risk
- Utilize firewall management and policy analysis tools (e.g., FireMon, AlgoSec) to evaluate rule effectiveness, policy compliance, and risk exposure
- Support incident response efforts by analyzing firewall logs and rule behavior to determine potential threat activity or unauthorized access paths
- Develop and maintain documentation related to firewall policies, standards, and review procedures
- Performs other duties as assigned
- Complies with all policies and standards
Qualifications
Required Experience:
- Bachelor's degree and 5+ years of related work experience.
- Deep knowledge and hands-on experience with enterprise firewall platforms, including Cisco ASA and Palo Alto Networks firewalls
- Experience administering and managing Palo Alto Panorama for centralized firewall policy management
- Familiarity with DLP, SIEM, NIDS/NIPS, HIDS/HIPS, and endpoint protection suite
- Experience with firewall management, including rule lifecycle management, governance processes, and access control design
- Strong understanding of firewall hardening practices, segmentation strategies, and least privilege network design
- Ability to interpret complex firewall rule sets and translate findings into actionable security recommendations
- Easily adapts to changing circumstances
- Understands business goals and strategic priorities
Preferred Qualifications:
- NERC CIP Compliance Analysis Certification, System Operator Certification, GIAC Critical Infrastructure Protection Security Certification
- Possesses knowledge and understanding of specific testing tools (e.g., Windows automation tool)
- Ability to establish and maintain the appropriate programs to recover the systems in the event of a disaster or security threat
- Presents a creative approach to problems
- Experience supporting fast-changing business organizations
PPL Corporation
Two N Ninth St
Allentown
Pennsylvania United States
www.pplweb.com


