PPL Corporation Enterprise Security Business Analyst-Specialist in Allentown, Pennsylvania
Enterprise Security Business Analyst-Specialist
Advocate for cybersecurity as an essential business requirement and advocate the business need as the foundation for cybersecurity program design.
Ensure effective communication and partnership with all departments and serve as a liaison of cybersecurity to business lines, IT, Internal Audit and Enterprise Security groups.
Engage with business partners to translate high-level business requirements into enterprise security initiatives and programs to achieve cybersecurity mission, goals and objectives.
Work closely with business stakeholders and project teams to plan, design and check appropriate levels of security governance, resource management and asset management.
Support management in the development of strategies, policy and standards to protect company information and technology assets.
Assists in developing, and maintaining cybersecurity policies, standards, procedures, checklists, and guidelines using generally-recognized security concepts and control frameworks, tailored to meet the requirements of the organization.
Contributes to the development of a risk-based cyber security program which meets regulatory requirements, minimizes business risk, and aligns with industry leading information security practices.
Guide business units, application development teams, and third-party vendors to achieve program requirements while enabling the business.
Examine requests for exceptions to policy and draft recommended decision memorandum to include requisite mitigation strategies.
Monitors industry regulatory environment for impact on security programs and changes to security compliance standards.
Assists in drafting recommendations to communicate control performance results and regulatory findings to management in an efficient, timely and concise manner.
Participates in root cause and /or lessons learned exercises, and post-mortem event analysis. Complete any follow up activities to ensure lessons learned and remediation activities are completed as agreed.
Assist in gathering and creating cost estimates and business cases for the implementation of new security tools and solutions.
Performs other duties as assigned
Travel: Expected travel up to 20% at the start of the role. Over time, travel is expected to be up to 10% through use of remote communication / meeting capabilities.
Location: Position can be based in Allentown, PA or Louisville, KY and may have a virtual office at secondary location.
The Enterprise Security Business Analyst- Specialist assists in management of an enterprise-wide security governance, risk and compliance program; enables the business to operate securely, protect its people, defend its assets and preserve shareholder value. The position is responsible for the day-to-day management and operations of enterprise wide security governance, security risk, security compliance, and security audit function. This position is specifically responsible for contributing to the success of comprehensive security initiatives and will initiate, facilitate and promote cybersecurity within the organization and monitor adherence to cybersecurity policies, standards, and controls.
This role is a PPL Services employee role with a scope of work that spans PPL Enterprise with a focus on PPL EU and LGE/KU, with some coordination responsibilities with Western Power Distribution (UK). This role reports to CISO.
Candidates must meet the basic qualifications and pass all required tests or assessments to receive consideration.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility form upon hire.
Bachelor's degree in computer science, engineering, or business, or an alternative combination of education and experience that results in equivalent job knowledge.
8-10 years of experience in large and complex business environments with a successful track record working directly with senior level management
6+ years of experience in an IT or IT Security Environment
Excellent communication, listening and facilitation skills
Ability to clearly explain and articulate technical concepts using non-technical language
Excellent written and verbal communication skills
Strong interpersonal skills; ability to work collaboratively and build consensus is essential
Excellent presentation skills, and ability to communicate with various audiences, both technical and non-technical
Equal Employment Opportunity:
Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.
Regular or Temporary:
6 or more years of experience in one or more of the following domains: Cybersecurity Governance and Risk Management, IT or Security Audit, IT or Security Compliance.
Experience with common controls frameworks, such as ISO 27001, NIST 800-53, SOX, COSO, COBIT
Business certifications in security, risk, or IT processes.
Full-time or Part-time:
As one of the largest investor-owned companies in the U.S. utility sector, PPL Corporation delivers on its promises to customers, investors, employees and the communities we serve. Our utilities – Western Power Distribution, Louisville Gas and Electric and Kentucky Utilities, and PPL Electric Utilities – provide an outstanding service experience for our customers, consistently ranking among the best in the United States and the United Kingdom. PPL has grown from a company with customers and facilities in one region of Pennsylvania to a diverse energy company with more than 10 million customers in the U.S. and the U.K. PPL provides energy for millions of customers while providing challenging and rewarding careers for thousands of employees around the U.S. and abroad.
Follow PPL Corporation on social media
Twitter: @PPLCorporation ( https://twitter.com/PPLCorporation )
LinkedIn ( https://www.linkedin.com/company/ppl-corporation )
Follow PPL Electric Utilities on social media
Twitter: @PPLElectric ( https://twitter.com/PPLElectric )
Facebook ( www.facebook.com/PPLElectric )