Home
/
Comprehensive
/
Lead Cybersecurity Detection Specialist
Lead Cybersecurity Detection Specialist-March 2024
Louisville
Mar 23, 2025
About Lead Cybersecurity Detection Specialist

  Company Summary Statement

  As one of the largest investor-owned utility companies in the United States, PPL Corporation (NYSE: PPL), is committed to creating long-term, sustainable value for our 3.5 million customers, our shareowners and the communities we serve. Our high-performing regulated utilities — PPL Electric Utilities, Louisville Gas and Electric, Kentucky Utilities and Rhode Island Energy — provide an outstanding experience for our customers, consistently ranking among the best utilities in the nation. PPL’s companies are also addressing challenges head-on by investing in new infrastructure and technology that is creating a smarter, more reliable and resilient energy grid. We are committed to doing our part to advance a cleaner energy future and drive innovation that enables us to achieve net-zero carbon emissions by 2050 while maintaining energy reliability and affordability for the customers and communities we serve. PPL is a positive force in the cities and towns where we do business, providing support for programs and organizations that empower the success of future generations by helping to build and maintain strong, diverse communities today.

  Overview

  The IT Cybersecurity organization advances the overall state of security at PPL through critical initiatives and coordination of large security and customer-focused projects. The organization builds and procures technologies, tools, and processes to better enable teams at PPL to develop secure platforms and protect data and systems with appropriate security controls. IT Cybersecurity also develops systems to monitor and respond to attacks against our systems, provides awareness education to the corporation on security best practices, and ensures data sharing relationships with third parties securely protect PPL information. This role will be within IT Cybersecurity— Cybersecurity Operations.

  Purpose

  The Lead Cybersecurity Detection Specialist is responsible for safeguarding PPL’s digital assets by proactively identifying, analyzing, and responding to potential security threats. Their primary focus lies in the creation of detections that identify anomalous and unauthorized activities within networks, systems, and applications to prevent or minimize cybersecurity incidents. They are expected to be subject matter experts in various cybersecurity concepts and knowledgeable in asset security features. Overall, this position requires the individual to work with cross-functional teams to improve PPL’s security posture by enhancing and maturing detection capabilities.

  Responsibilities

  Develop and Improve Detection Signatures and Alerts - create and refine detections and alerts within multiple security tools based on Mitre Att&ck Framework.

  Monitor Detections and Alerts for Efficacy and Health - ensure that any out-of-box or custom alerts are continuously refined for efficacy, alerting as designed, tuned as needed, and have proper log sources ingesting.

  Incident Responder and Investigator - respond and assist any team investigations escalated to Cybersecurity Operations.

  Contextualize Threat Intelligence - stay updated with the latest threat intelligence to understand emerging threats and adapting detection strategies accordingly.

  Log Analysis - proactive recognition of gaps in detection capabilities, conduct historical log analysis to identify any missed unauthorized activities, and create new detection measures to address gaps.

  Implement New Tools and Technologies - evaluate and test new security technologies and/or tools that enhance detection and response capabilities.

  Train and Mentor - conduct training sessions and workshops for team members and employees to raise awareness about security threats.

  Report Metrics and Brief Leadership - identify and create operational metrics around detection visibility, efficacy, and gaps to show program progression and maturity.

  All other duties and projects as assigned.

  Qualifications

  Education

  Bachelor’s degree plus 7 years of work experience, Master’s degree plus 4 years of work experience, or 10+ years of work experience in Computer Science, Information Technology, Cybersecurity, or related fieldsExperience

  Understanding of IT fundamentals, such as network protocols, traffic analysis, TCP/IP, firewall, and endpoint logging, etc.

  Understanding of operating systems (Windows, *nix), their security mechanisms, and logging requirements

  Experience with SIEMs, IDS/IPS, antivirus software, EDR platforms, etc.

  Familiarity with cybersecurity principles and frameworks such as MITRE Att&ck, NIST, Threat Intelligence, etc.

  Proficient in scripting languages, such as Python and PowerShell

  Knowledge in automation technologies and tools, such as SOAR platforms, Power Automate, etc.

  Extensive knowledge analyzing and configuring data in SEIMs, Snort, Suricata, Zeek/Bro, and any other detection and analysis tools.

  Ability to analyze logs, network traffic, and security events for anomalies and potential threats.

  Thorough understanding of cyber threats and actors, and security monitoring and detection.

  Capable of troubleshooting security issues, recommend solutions, and implement or foster implementation with necessary administrative groups.

  Prior experience working in a cybersecurity role focused on threat detection, incident response, or security operations.

  Strong verbal and written communication skills to articulate complex security issues to different stakeholders and provide updates to senior leadership.

  Ability to collaborate with cross-functional teams.

  Preferred Qualifications

  Familiarity with cloud platforms (AWS, Azure, Google Cloud) and their security features

  Professional certifications in CISSP, GCIH, GCIA or relevant SANS GIAC certifications

  Familiarity or previous experience in Utility sector or industrial control systems

  Exceptional analytical and critical thinking, willingness to challenge the status quo

  Excellent interpersonal skills

  Self-motivator, team player, and independent worker, that is highly adaptive

  Education

  Bachelor’s degree plus 7 years of work experience, Master’s degree plus 4 years of work experience, or 10+ years of work experience in Computer Science, Information Technology, Cybersecurity, or related fieldsExperience

  Understanding of IT fundamentals, such as network protocols, traffic analysis, TCP/IP, firewall, and endpoint logging, etc.

  Understanding of operating systems (Windows, *nix), their security mechanisms, and logging requirements

  Experience with SIEMs, IDS/IPS, antivirus software, EDR platforms, etc.

  Familiarity with cybersecurity principles and frameworks such as MITRE Att&ck, NIST, Threat Intelligence, etc.

  Proficient in scripting languages, such as Python and PowerShell

  Knowledge in automation technologies and tools, such as SOAR platforms, Power Automate, etc.

  Extensive knowledge analyzing and configuring data in SEIMs, Snort, Suricata, Zeek/Bro, and any other detection and analysis tools.

  Ability to analyze logs, network traffic, and security events for anomalies and potential threats.

  Thorough understanding of cyber threats and actors, and security monitoring and detection.

  Capable of troubleshooting security issues, recommend solutions, and implement or foster implementation with necessary administrative groups.

  Prior experience working in a cybersecurity role focused on threat detection, incident response, or security operations.

  Strong verbal and written communication skills to articulate complex security issues to different stakeholders and provide updates to senior leadership.

  Ability to collaborate with cross-functional teams.

  Preferred Qualifications

  Familiarity with cloud platforms (AWS, Azure, Google Cloud) and their security features

  Professional certifications in CISSP, GCIH, GCIA or relevant SANS GIAC certifications

  Familiarity or previous experience in Utility sector or industrial control systems

  Exceptional analytical and critical thinking, willingness to challenge the status quo

  Excellent interpersonal skills

  Self-motivator, team player, and independent worker, that is highly adaptive

  Develop and Improve Detection Signatures and Alerts - create and refine detections and alerts within multiple security tools based on Mitre Att&ck Framework.

  Monitor Detections and Alerts for Efficacy and Health - ensure that any out-of-box or custom alerts are continuously refined for efficacy, alerting as designed, tuned as needed, and have proper log sources ingesting.

  Incident Responder and Investigator - respond and assist any team investigations escalated to Cybersecurity Operations.

  Contextualize Threat Intelligence - stay updated with the latest threat intelligence to understand emerging threats and adapting detection strategies accordingly.

  Log Analysis - proactive recognition of gaps in detection capabilities, conduct historical log analysis to identify any missed unauthorized activities, and create new detection measures to address gaps.

  Implement New Tools and Technologies - evaluate and test new security technologies and/or tools that enhance detection and response capabilities.

  Train and Mentor - conduct training sessions and workshops for team members and employees to raise awareness about security threats.

  Report Metrics and Brief Leadership - identify and create operational metrics around detection visibility, efficacy, and gaps to show program progression and maturity.

  All other duties and projects as assigned.

  Remote Work

  The company reserves the right to determine if this position will be assigned to work on-site, remotely, or a combination of both. Assigned work location may change. In the case of remote work, physical presence in the office/on-site may be required to engage in face-to-face interaction and coordination of work among direct reports and co-workers.

  Equal Employment Opportunity

  Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.

Comments
Welcome to zdrecruit comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
SIMILAR JOBS
Research Analyst - Competition
We are looking for intellectually curious team players with strong quantitative skills to join our office in Rome. From day one as a Research Analyst (RA) in our Competition practice, you will partic
Project Assistant – Energy & Power
Your Impact: Our People & Places Solutions business – reinforces our drive to improve the lives of people everywhere and epitomizes the why of what we do – the tremendous positive impact and valu
Fire Protection Senior Designer
Build the future, spark innovation and align your career with purpose.McKinstry is innovating the waste and climate harm out of the built environment and creating lasting impact. Together, we're buil
Quality Operations Manager
Quality Operations Manager At TE, you will unleash your potential working with people from diverse backgrounds and industries to create a safer, sustainable and more connected world. Job Overview Res
Pharmacy Technician
Bring your heart to CVS Health. Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced
Finance Executive - Accounts Receivable
Job Number 24003875 Job Category Finance & Accounting Location Jaisalmer Marriott Resort & Spa, Jaisalmer-Sam-Dhanana Road, Police Line, Jaisalmer, Rajasthan, India Schedule Full-Time Located
CDL A Truck Driver
CRST is one of the nation’s largest transportation companies, providing total transportation solutions and comprehensive logistics services to customers all over North America. We are looking for Com
Eden Cocktail Server -
Why We're Here We believe heartfelt, human connections make people's lives better. Especially the people who work here. Our founder, Bill Kimpton rebelled against impersonal, generic hospitality that
Field/Office Engineer - Heavy Civil - Foundations District
Requisition ID: 170909 Job Level: Entry Level Home District/Group: Kiewit Foundations Co Department: Field Operations Market: Transportation Employment Type: Full Time Position Overview Our mission i
Lead Cloud Application Engineer
Lead Cloud Application Engineer General Information City/Cities Cary, Whippany State(s) New Jersey, North Carolina Country United States Working Schedule Full-Time Work Arrangement Hybrid Relocation
OTHERS JOBS
About
Terms and Conditions Privacy policy Cookie Settings Contact Us
Services
Login register
zdrecruit Project Management Advertising and Marketing Education Sales
Links
zpostcode Recruit weather mreligion Yellowpages sport constellation shopping name game directory literature Word tour furnish Lottery tftnews lyrics News digital car dir Edu Finance
Copyright 2023-2025 - www.zdrecruit.com All Rights Reserved