PPL - Allentown, PA
posted about 2 months ago
Full-time - Mid Level
Remote - Allentown, PA
Utilities
About the position
The Lead Cloud Engineer at PPL Corporation will play a crucial role in enhancing the security of the company's cloud infrastructure. This position involves working closely with the Cloud Engineering team to ensure the security and configuration of PPL's cloud services, particularly within Microsoft Azure and M365 environments. The engineer will be responsible for monitoring cyber technology, identifying vulnerabilities, and implementing security controls to protect data and systems.
Responsibilities
- Identify vulnerabilities within Cloud applications and underlying code using static analysis tools.
- Develop and enforce Cloud Access Security Broker (CASB) policies and procedures.
- Manage the mobile device and mobile application solution to ensure devices are managed, data is protected, and security policies are enforced.
- Configure and manage conditional access policies to control access to cloud resources based on user identity, device, and location.
- Manage Azure Active Directory identity and access management (IAM) solutions.
- Implement and manage security controls for Office 365.
- Utilize tooling to routinely monitor and analyze the cloud environment for security threats and vulnerabilities.
- Assist relevant parties on identified gaps based on analysis and execute strategies to mitigate/address the risk.
- Collaborate with cross-functional teams to integrate security controls and processes into cloud infrastructure and applications.
- Assess and recommend security tools, technologies, and services that enhance cloud security posture.
- Identify and apply strategies to optimize resource utilization and minimize cost.
- All other duties and projects as assigned.
Requirements
- Bachelor's degree in Computer Science, Information Security, or a related field or equivalent work experience.
- A minimum of 7+ years of direct cybersecurity cloud experience in the configuration and support of cloud applications and infrastructure.
- Experience in the configuration and support of Microsoft 365 services including Microsoft Endpoint Manager, Microsoft Defender for Cloud, Conditional Access, and Microsoft Identity and Access.
- Understanding of modern cloud technology components and deployment patterns such as virtual machines, containers, Kubernetes, serverless, and infrastructure as code.
- Demonstrated knowledge of Azure architecture and core services such as Virtual Machines, Azure Active Directory, and Azure Networking.
- Experience with DevOps methodologies and tools.
- Experience in Cloud Native Security practices and technologies including Container security and Threat detection.
- Experience in utilizing Cloud Native Security Tools and Platforms such as CSPM and CWPP.
- Scripting skills in languages like PowerShell or Azure CLI for automation.
- Knowledge of Azure security tools and features like Azure Key Vault.
- Experience working in Agile teams and knowledge of Agile principles and practices.
- Experience in Security and/or Regulatory Frameworks such as NIST and CIS Benchmarks.
Nice-to-haves
- Knowledge of programming languages like Python, .NET, or Java.
- Experience with AWS and Google Cloud services.
- Experience with building CI/CD pipelines to support application and infrastructure deployments.
- Understanding of data analytics and machine learning concepts.
- Experience utilizing the Scaled Agile Framework (SAFe).
- Proficiency in scripting and automation for security testing.
- Knowledge of Azure configuration best practices.
- Relevant Cybersecurity certifications (e.g. CISSP, CISM, CISA, CCSP).
- Relevant Microsoft Certifications (e.g. Azure Administration Associate, Azure Security Engineer Associate).
