Home
/
Comprehensive
/
Lead Cybersecurity Detection Specialist
Lead Cybersecurity Detection Specialist-March 2024
Providence
Mar 28, 2026
About Lead Cybersecurity Detection Specialist

  Company Summary Statement

  As one of the largest investor-owned utility companies in the United States, PPL Corporation (NYSE: PPL), is committed to creating long-term, sustainable value for our 3.5 million customers, our shareowners and the communities we serve. Our high-performing regulated utilities — PPL Electric Utilities, Louisville Gas and Electric, Kentucky Utilities and Rhode Island Energy — provide an outstanding experience for our customers, consistently ranking among the best utilities in the nation. PPL’s companies are also addressing challenges head-on by investing in new infrastructure and technology that is creating a smarter, more reliable and resilient energy grid. We are committed to doing our part to advance a cleaner energy future and drive innovation that enables us to achieve net-zero carbon emissions by 2050 while maintaining energy reliability and affordability for the customers and communities we serve. PPL is a positive force in the cities and towns where we do business, providing support for programs and organizations that empower the success of future generations by helping to build and maintain strong, diverse communities today.

  Overview

  The IT Cybersecurity organization advances the overall state of security at PPL through critical initiatives and coordination of large security and customer-focused projects. The organization builds and procures technologies, tools, and processes to better enable teams at PPL to develop secure platforms and protect data and systems with appropriate security controls. IT Cybersecurity also develops systems to monitor and respond to attacks against our systems, provides awareness education to the corporation on security best practices, and ensures data sharing relationships with third parties securely protect PPL information. This role will be within IT Cybersecurity— Cybersecurity Operations.

  Purpose

  The Lead Cybersecurity Detection Specialist is responsible for safeguarding PPL’s digital assets by proactively identifying, analyzing, and responding to potential security threats. Their primary focus lies in the creation of detections that identify anomalous and unauthorized activities within networks, systems, and applications to prevent or minimize cybersecurity incidents. They are expected to be subject matter experts in various cybersecurity concepts and knowledgeable in asset security features. Overall, this position requires the individual to work with cross-functional teams to improve PPL’s security posture by enhancing and maturing detection capabilities.

  Responsibilities

  Develop and Improve Detection Signatures and Alerts - create and refine detections and alerts within multiple security tools based on Mitre Att&ck Framework.

  Monitor Detections and Alerts for Efficacy and Health - ensure that any out-of-box or custom alerts are continuously refined for efficacy, alerting as designed, tuned as needed, and have proper log sources ingesting.

  Incident Responder and Investigator - respond and assist any team investigations escalated to Cybersecurity Operations.

  Contextualize Threat Intelligence - stay updated with the latest threat intelligence to understand emerging threats and adapting detection strategies accordingly.

  Log Analysis - proactive recognition of gaps in detection capabilities, conduct historical log analysis to identify any missed unauthorized activities, and create new detection measures to address gaps.

  Implement New Tools and Technologies - evaluate and test new security technologies and/or tools that enhance detection and response capabilities.

  Train and Mentor - conduct training sessions and workshops for team members and employees to raise awareness about security threats.

  Report Metrics and Brief Leadership - identify and create operational metrics around detection visibility, efficacy, and gaps to show program progression and maturity.

  All other duties and projects as assigned.

  Qualifications

  Education

  Bachelor’s degree plus 7 years of work experience, Master’s degree plus 4 years of work experience, or 10+ years of work experience in Computer Science, Information Technology, Cybersecurity, or related fieldsExperience

  Understanding of IT fundamentals, such as network protocols, traffic analysis, TCP/IP, firewall, and endpoint logging, etc.

  Understanding of operating systems (Windows, *nix), their security mechanisms, and logging requirements

  Experience with SIEMs, IDS/IPS, antivirus software, EDR platforms, etc.

  Familiarity with cybersecurity principles and frameworks such as MITRE Att&ck, NIST, Threat Intelligence, etc.

  Proficient in scripting languages, such as Python and PowerShell

  Knowledge in automation technologies and tools, such as SOAR platforms, Power Automate, etc.

  Extensive knowledge analyzing and configuring data in SEIMs, Snort, Suricata, Zeek/Bro, and any other detection and analysis tools.

  Ability to analyze logs, network traffic, and security events for anomalies and potential threats.

  Thorough understanding of cyber threats and actors, and security monitoring and detection.

  Capable of troubleshooting security issues, recommend solutions, and implement or foster implementation with necessary administrative groups.

  Prior experience working in a cybersecurity role focused on threat detection, incident response, or security operations.

  Strong verbal and written communication skills to articulate complex security issues to different stakeholders and provide updates to senior leadership.

  Ability to collaborate with cross-functional teams.

  Preferred Qualifications

  Familiarity with cloud platforms (AWS, Azure, Google Cloud) and their security features

  Professional certifications in CISSP, GCIH, GCIA or relevant SANS GIAC certifications

  Familiarity or previous experience in Utility sector or industrial control systems

  Exceptional analytical and critical thinking, willingness to challenge the status quo

  Excellent interpersonal skills

  Self-motivator, team player, and independent worker, that is highly adaptive

  Education

  Bachelor’s degree plus 7 years of work experience, Master’s degree plus 4 years of work experience, or 10+ years of work experience in Computer Science, Information Technology, Cybersecurity, or related fieldsExperience

  Understanding of IT fundamentals, such as network protocols, traffic analysis, TCP/IP, firewall, and endpoint logging, etc.

  Understanding of operating systems (Windows, *nix), their security mechanisms, and logging requirements

  Experience with SIEMs, IDS/IPS, antivirus software, EDR platforms, etc.

  Familiarity with cybersecurity principles and frameworks such as MITRE Att&ck, NIST, Threat Intelligence, etc.

  Proficient in scripting languages, such as Python and PowerShell

  Knowledge in automation technologies and tools, such as SOAR platforms, Power Automate, etc.

  Extensive knowledge analyzing and configuring data in SEIMs, Snort, Suricata, Zeek/Bro, and any other detection and analysis tools.

  Ability to analyze logs, network traffic, and security events for anomalies and potential threats.

  Thorough understanding of cyber threats and actors, and security monitoring and detection.

  Capable of troubleshooting security issues, recommend solutions, and implement or foster implementation with necessary administrative groups.

  Prior experience working in a cybersecurity role focused on threat detection, incident response, or security operations.

  Strong verbal and written communication skills to articulate complex security issues to different stakeholders and provide updates to senior leadership.

  Ability to collaborate with cross-functional teams.

  Preferred Qualifications

  Familiarity with cloud platforms (AWS, Azure, Google Cloud) and their security features

  Professional certifications in CISSP, GCIH, GCIA or relevant SANS GIAC certifications

  Familiarity or previous experience in Utility sector or industrial control systems

  Exceptional analytical and critical thinking, willingness to challenge the status quo

  Excellent interpersonal skills

  Self-motivator, team player, and independent worker, that is highly adaptive

  Develop and Improve Detection Signatures and Alerts - create and refine detections and alerts within multiple security tools based on Mitre Att&ck Framework.

  Monitor Detections and Alerts for Efficacy and Health - ensure that any out-of-box or custom alerts are continuously refined for efficacy, alerting as designed, tuned as needed, and have proper log sources ingesting.

  Incident Responder and Investigator - respond and assist any team investigations escalated to Cybersecurity Operations.

  Contextualize Threat Intelligence - stay updated with the latest threat intelligence to understand emerging threats and adapting detection strategies accordingly.

  Log Analysis - proactive recognition of gaps in detection capabilities, conduct historical log analysis to identify any missed unauthorized activities, and create new detection measures to address gaps.

  Implement New Tools and Technologies - evaluate and test new security technologies and/or tools that enhance detection and response capabilities.

  Train and Mentor - conduct training sessions and workshops for team members and employees to raise awareness about security threats.

  Report Metrics and Brief Leadership - identify and create operational metrics around detection visibility, efficacy, and gaps to show program progression and maturity.

  All other duties and projects as assigned.

  Remote Work

  The company reserves the right to determine if this position will be assigned to work on-site, remotely, or a combination of both. Assigned work location may change. In the case of remote work, physical presence in the office/on-site may be required to engage in face-to-face interaction and coordination of work among direct reports and co-workers.

  Equal Employment Opportunity

  Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.

Comments
Welcome to zdrecruit comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
SIMILAR JOBS
Customer Support Specialist
Why Choose Suddath to “Move” your Career to the Next Level? At Suddath, you can be part of something special and inclusive! Join a team that has a 100+ year reputation for excellence as an innovative
Systems Engineer, Sr
Senior Systems Engineer Our Defense Group is currently hiring for a Senior Systems Engineer at our state-of-the-art facility by Bournemouth International Airport. As the Senior Systems Engineer, you
Office Admin (entry-level, hourly)
Overview What You’ll Do The Office Admin supports our Office Manager in executing the important behind-the-scenes administrative functions that keep the venue functioning efficiently. Without this cr
Senior Field Marketing Manager
We're looking for a Senior Field Marketing Manager Cornerstone is looking for a Senior Field Marketing Manager to join our Demand Generation team. We are looking for a creative, driven integrated cam
Cyber Defender (mid-level)
Description/Job Summary Location: Fort Eisenhower, GA Requires US Citizenship Employment Term and Type: Regular, Full Time (on site) Required Security Clearance: TS/SCI w CI POLY Required Education:
MCR, OBU, HEMA, Urumqi
By clicking the “Apply” button, I understand that my employment application process with Takeda will commence and that the information I provide in my application will be processed in line with Taked
LPN - Skilled Nursing Facility
$10,000 Sign On Bonus for qualified applicants! Starr Regional Medical Center is currently seeking talent to fill the position of LPN. This job is permanent, full time. Benefits Include: $10,000 sign
Respiratory Therapist II, Registered - Respiratory Therapy
Job Description Kapi'olani Medical Center for Women & Children is Hawai'i’s only maternity, newborn and pediatric specialty hospital. It is well recognized as Hawai'i’s leader in the care of wome
Registered Nurse Operating Room
Join our team as an Operating Room Registered Nurse! Our team gets to work with a variety of cases allowing you to gain a wide range of skills within the Operating Room. Regions Hospital has 21 opera
Energy Technologist - Remote
Your Impact: Our People & Places Solutions business – reinforces our drive to improve the lives of people everywhere and epitomizes the why of what we do – the tremendous positive impact and valu
OTHERS JOBS
About
Terms and Conditions Privacy policy Cookie Settings Contact Us
Services
Login register
zdrecruit Project Management Advertising and Marketing Education Sales
Links
zpostcode Recruit weather mreligion Yellowpages sport constellation shopping name game directory literature Word tour furnish Lottery tftnews lyrics News digital car dir Edu Finance
Copyright 2023-2026 - www.zdrecruit.com All Rights Reserved