PPL Corporation Intermediate IT Access Mgmt Analyst / Senior IT Access Mgmt Analyst in Allentown, Pennsylvania
Intermediate IT Access Mgmt Analyst / Senior IT Access Mgmt Analyst
Performs IT Security Identity and Access Management and applicable compliance work including:
• Support specific logical access controls to secure the environment to meet a “least privilege” cybersecurity approach and achieve demonstrated compliance to regulatory requirements.
• Execute on a range of assigned access verification/validation tasks.
• Completion of selected tracking and monitoring tasks assigned to IT Security.
o Maintains inventory of IAM required tasks and oversight responsibilities (e.g., CIP, SOX) to ensure full compliance with Company and Department processes; helps responsibility is assigned to each task; and monitors for completion.
• IAM process and technology development and monitoring.
• Develop and/or maintain, and follow, workgroup procedures and documentation, including maintenance of associated tools, technologies, processes, procedures, templates, and necessary modifications and updates.
• Proactively and as required, evaluate integrated IAM systems/processes for gaps and enhancements, including identifying, recommending and remediating per findings as part of corporate root cause processes.
o Assists in preparing oral or written reports for management or regulatory agencies during and at the conclusion of the examination, discussing findings, recommending corrective action and suggesting improvements in operations.
• Create and collect associated IAM related evidence per regulatory and/or internal compliance requirements.
• Timely processing of assigned security request and/or incident tasks.
• Development and delivery of IAM related metrics, including alignment with corporate compliance needs and associated training
• Support for continual (24x7x365) identity and access management services (includes serving as a team member responding in a timely manner as part of security team, for primary 24x7 on call IAM response on rotational basis (typically one week at a time).
• Supports and participates in evidence development and review for oversight and audit activities (such as Internal Audit, NERC, and SOX) as required.
• Supports the System Development Life Cycle (SDLC). Activities include design, testing, communication and deployment of IT and business solutions, especially those aligned with compliance and security posture. Reviews evidence to ensure IT software and hardware deployments meet regulatory and internal standard requirements.
• Promptly reports and escalates compliance and control exceptions and deficiencies to management as warranted.
• Effectively communicates with peers, management, across functional/business domains, with vendors and stakeholders regarding adherence to policies, procedures and standards for the IT security environment.
PPL’s IT Security team has the vital responsibility of protecting the integrity, confidentiality and availability of information and systems within PPL Electric Utilities and PPL Corporation. As a member of an overall IT Security team, this position supports a key focus on providing a range of security solutions for evolving and vital Identity and Access Management (IAM) needs (e.g. access provisioning, de-provisioning, access validation, authentication), through analytical, technical, communication, and/or business process support. Activities include flexible design, development, and delivery of coordinated, monitored, and well documented services in managing to security and compliance-driven requirements for both on premise and cloud needs. This includes applicable IAM aspects of regulations such as (but not exclusive to) the North American Electric Reliability Corporation’s Critical Infrastructure Protection (NERC CIP) Standards and the Sarbanes-Oxley (SOX) Act of 2002 requirements; FERC-Transmission Function Information (FERC-TFI), as well as internal company information security policies and procedures.
Candidates must meet the basic qualifications and pass all required tests or assessments to receive consideration.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility form upon hire.
Bachelor's degree in information security, computer science, math, or business related field or an alternate combination of education and experience which results in equivalent job knowledge is required.
Two or more years’ experience in information technology required, including knowledge and performance of information systems compliance and controls. Minimum five years experience required for senior level position.
Professional interpersonal skills and strong proficiency in oral and written communications are also required.
Attention to detail is critical in this role.
Must maintain the ability to work professionally with confidential or sensitive matters.
Must have the ability to work independently.
Incumbent must effectively and energetically embrace rapid technological and business changes while displaying sound judgment and common sense to achieve successful results.
A successful academic or work background indicating a demonstrated ability to absorb information, apply conceptual skills in practical applications, achieve desired result in a highly technical operating environment is required.
Equal Employment Opportunity:
Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.
Regular or Temporary:
Advanced fluency in process automation, office productivity tools, databases/queries, operating system (Windows/Linux) fundamentals, development background and/or scripting skills.
Relevant professional information security, auditing, control certification(s) and/or training.
Experience working within Electric industry, or other regulated environments.
Full-time or Part-time:
As one of the largest investor-owned companies in the U.S. utility sector, PPL Corporation delivers on its promises to customers, investors, employees and the communities we serve. Our utilities – Western Power Distribution, Louisville Gas and Electric and Kentucky Utilities, and PPL Electric Utilities – provide an outstanding service experience for our customers, consistently ranking among the best in the United States and the United Kingdom. PPL has grown from a company with customers and facilities in one region of Pennsylvania to a diverse energy company with more than 10 million customers in the U.S. and the U.K. PPL provides energy for millions of customers while providing challenging and rewarding careers for thousands of employees around the U.S. and abroad.
Follow PPL Corporation on social media: