Full Job Description
Overview
NOTE: This role is hybrid requiring 3 days a week onsite at one of our local offices in: Allentown, PA; Louisville, KY or Providence, RI. #LI-Hybrid #INDPPL
The IT Security Systems Analyst will leverage tools to perform vulnerability and threat monitoring. Investigates, responds to, and reports on network and security risks to PPL EU tools which include but are not limited to SIEM, NIDS/NIPS, and HIDS/HIPS suites. This position is required to do shift work. The Senior level performs assigned tasks under minimal guidance from supervisor. Additionally, this role is responsible for supporting firewall security operations, including interpreting, reviewing, and assessing firewall rules for security risk, ensuring alignment with cybersecurity standards, and least privilege principles.
Responsibilities
Essential Functions:
30 Performs a variety of complex assignments (may lead some projects) and analyzes and solves complex problems in the below areas.
30 Network and Cyber Threat Monitoring:
30 Conduct ongoing review of multiple systems and sources to detect network access, network intrusion, information integrity, and NERC CIP compliance risks
30 Investigate network security events, conducting root-cause analysis to identify threats for recurring incidents
30 Monitor and track incidents related to network access, network intrusion, cybersecurity, and NERC CIP regulatory compliance
30 Corrective Actions:
30 Troubleshoot, diagnose network problems, and implement corrective action within prescribed guidelines to mitigate impact to business continuity
30 Support restoration of secure network services as quickly as possible while limiting business impact
30 Report network incidents, cybersecurity incidents, and NERC CIP compliance risks
30 Assist in minor network or system configuration changes to improve system security and meet NERC CIP compliance requirements
30 Recommend and implement firewall rule tuning or configuration changes to mitigate identified risks and improve security posture
30 Assist in firewall policy remediation efforts to address audit findings, compliance gaps, or identified vulnerabilities
30 Interpret, review, and analyze firewall rules to identify security risks, misconfigurations, overly permissive access, and compliance gaps
30 Perform risk-based reviews of firewall rule requests and existing rule sets to ensure adherence to security standards and least privilege access
30 Support firewall governance processes, including intake validation, rule lifecycle management (create/modify/remove), and periodic recertification activities
30 Conduct firewall rule reviews to identify redundant, shadowed, or unused rules and recommend remediation actions
30 Assess firewall configurations against security baselines and hardening standards to reduce attack surface
30 Collaborate with network, infrastructure, and OT teams to ensure firewall changes are properly designed, tested, and implemented with minimal business risk
30 Utilize firewall management and policy analysis tools (e.g., FireMon, AlgoSec) to evaluate rule effectiveness, policy compliance, and risk exposure
30 Support incident response efforts by analyzing firewall logs and rule behavior to determine potential threat activity or unauthorized access paths
30 Develop and maintain documentation related to firewall policies, standards, and review procedures
30 Performs other duties as assigned
30 Complies with all policies and standards
Qualifications
Required Experience:
30 Bachelors degree and 5+ years of related work experience.
30 Deep knowledge and hands-on experience with enterprise firewall platforms, including Cisco ASA and Palo Alto Networks firewalls
30 Experience administering and managing Palo Alto Panorama for centralized firewall policy management
30 Familiarity with DLP, SIEM, NIDS/NIPS, HIDS/HIPS, and endpoint protection suite
30 Experience with firewall management, including rule lifecycle management, governance processes, and access control design
30 Strong understanding of firewall hardening practices, segmentation strategies, and least privilege network design
30 Ability to interpret complex firewall rule sets and translate findings into actionable security recommendations
30 Easily adapts to changing circumstances
30 Understands business goals and strategic priorities
Preferred Qualifications:
30 NERC CIP Compliance Analysis Certification, System Operator Certification, GIAC Critical Infrastructure Protection Security Certification
30 Possesses knowledge and understanding of specific testing tools (e.g., Windows automation tool)
30 Ability to establish and maintain the appropriate programs to recover the systems in the event of a disaster or security threat
30 Presents a creative approach to problems
30 Experience supporting fast-changing business organizations