Application Security Principal

Found in: Resume Library US A2 - 2 weeks ago

Allentown Pennsylvania, United States PPL Corporation Full time
Company Summary Statement :
As one of the largest investor-owned utility companies in the United States, PPL Corporation (NYSE: PPL), is committed to creating long-term, sustainable value for our 3.5 million customers, our shareowners and the communities we serve. Our high-performing regulated utilities — PPL Electric Utilities, Louisville Gas and Electric, Kentucky Utilities and Rhode Island Energy — provide an outstanding experience for our customers, consistently ranking among the best utilities in the nation. PPL’s companies are also addressing challenges head-on by investing in new infrastructure and technology that is creating a smarter, more reliable and resilient energy grid. We are committed to doing our part to advance a cleaner energy future and drive innovation that enables us to achieve net-zero carbon emissions by 2050 while maintaining energy reliability and affordability for the customers and communities we serve. PPL is a positive force in the cities and towns where we do business, providing support for programs and organizations that empower the success of future generations by helping to build and maintain strong, diverse communities today.

Overview:
The IT Cybersecurity organization advances the overall state of security at PPL through critical initiatives and coordination of large security and customer-focused projects. The organization builds and procures technologies, tools, and processes to better enable teams at PPL to develop secure platforms and protect data and systems with appropriate security controls. IT Cybersecurity also develops systems to monitor and respond to attacks against our systems, provides educational awareness to the corporation on security best practices, and ensures data sharing relationships with third parties securely protects PPL information. This role will be within IT Cybersecurity— Product Cybersecurity.

 

Purpose
PPL is seeking a highly skilled Application Security Principal to join our Product Cybersecurity team. In this role, you will work closely with our Product Cybersecurity Manager to ensure the security and integrity of our applications and software products. You will provide expert guidance, conduct security assessments, and help shape the security posture of our products. If you are passionate about application security and have a deep understanding of modern software development practices, this position is ideal for you.

 

This position is available remote or hybrid with working locations in Louisville, KY or Allentown, PA.

Responsibilities:
Core Responsibilities

Work with Product Development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests.

Define security best practices and standards and ensure Product Development teams understand them and receive pertinent annual secure coding training.

Develop and maintain the application security architecture, ensuring that it aligns with overall security strategy and standards.

Evaluate, implement, and manage security tools and technologies that enhance the security posture of applications.

Conduct risk assessments for applications to identify potential vulnerabilities and threats, develop strategies to mitigate these risks.

Oversee and coordinate security testing activities, including static code analysis, dynamic application security testing, and penetration testing.

Perform system hardening and remediation to effectively guide developers and system administrators in addressing vulnerabilities and implementing security controls.

Perform security assessments, penetration testing, and code reviews to identify potential flaws in codes and mitigate vulnerabililties.

Analyze security needs and software requirements to determine feasibility of design within time and cost constratints and security requirements.

Perform threat modeling, risk assessment, and vulnerability management to identify potential security risks and work with development teams to implement appropriate security controls.

Provide guidance and training to development teams on secure coding practices and promote security awareness across the organization.

All other duties and projects as assigned.

Qualifications:
Education

Bachelor’s degree in computer science, Information Security, or a related field.

 

Experience

A minimum of 10+ years of experience using penetration testing tools like Burp Suite.

Experience in application security tools and IDE Plug-in environments, including HP Fortify.

Experience with securing enterprise web applications and OWASP Top 10, CVSS, CWE, WASC, and SANS-25.

Expertise in system hardening and remediation.

Proficiency in security assessments, penetration testing, and code reviews.

Expertise in threat modeling, risk assessment, and vulnerability management.

Knowledge of federal compliance standards, including NIST 800-53 and NIST CSF.

Strong leadership, communication, and interpersonal skills.

Collaborative and effective in cross-functional team environments.

Strong analytical skills to assess risks and vulnerabilities in complex systems.

Preferred Qualifications

Professional certifications such as CISSP, CSSLP, or CEH

Cloud Technology Expertise:  Demonstrate a working knowledge of various enterprise technology stacks used to build applications in the cloud.  Your understanding of cloud infrastructure will enable you to assess secruity aspects unique to cloud-based mobile applications and API's.

Cloud Platform Experience:  Possess working knowledge and practical experiences in security testing within cloud platforms, particularly Azure.  Your familiarity will be crucial for assessing the secruity of cloud-hosted mobile applications and APIs.

Proficiency in scripting and automation for security testing.

 

 

 

  • Pen Test Risk Valid Principal

    7 days ago

    Allentown, United States PPL Full time

    Company Summary Statement : As one of the largest investor-owned utility companies in the United States, PPL Corporation (NYSE: PPL), is committed to creating long-term, sustainable value for our 3.5 million customers, our shareowners and the communities we serve. Our high-performing regulated utilities PPL Electric Utilities, Louisville Gas and Electric,...

  • Principal, St. John Vianney Regional School

    2 weeks ago

    Allentown, United States Diocese of Allentown Full time

    Job DescriptionJob DescriptionDiocese of AllentownSt. John Vianney Regional School, AllentownPrincipal Position Opening - Saint John Vianney Regional School   Saint John Vianney Regional School, Allentown, PA (PreK - Gr. 8) is a vibrant inner-city Catholic school dedicated to the highest levels of academic excellence and spiritual well-being for our...

  • Principal, St. John Vianney Regional School

    5 days ago

    Allentown, United States Diocese of Allentown Full time

    Job DescriptionJob DescriptionDiocese of AllentownSt. John Vianney Regional School, AllentownPrincipal Position Opening - Saint John Vianney Regional School   Saint John Vianney Regional School, Allentown, PA (PreK - Gr. 8) is a vibrant inner-city Catholic school dedicated to the highest levels of academic excellence and spiritual well-being for our...

  • Principal Engineer

    Found in: Appcast Linkedin GBL C2 - 3 weeks ago

    Allentown, United States Air Products Full time

    Job Title :Principal Engineer - Static EquipmentJob Description and Qualifications :Principal Mechanical Engineer Job DescriptionAt Air Products, our purpose is to bring people together to reimagine what’s possible, collaborate and innovate solutions to the world’s most significant energy and environmental sustainability challenges. Grow with us as we...

  • Principal Engineer

    Found in: Appcast US C2 - 3 weeks ago

    Allentown, United States Air Products Full time

    Job Title :Principal Engineer - Static EquipmentJob Description and Qualifications :Principal Mechanical Engineer Job DescriptionAt Air Products, our purpose is to bring people together to reimagine what’s possible, collaborate and innovate solutions to the world’s most significant energy and environmental sustainability challenges. Grow with us as we...

  • Principal AI/ML Engineer

    2 weeks ago

    Allentown, United States CareerBuilder Full time

    Job Description And Qualifications At Air Products, our purpose is to bring people together to reimagine whats possible, collaborate and innovate solutions to the worlds most significant energy and environmental sustainability challenges. Grow with us as we embark on building tomorrow together by being the safest, most diverse and most profitable industrial...

  • Principal AI/ML Engineer

    2 weeks ago

    Allentown, United States Air Products Full time

    Job Description And Qualifications At Air Products, our purpose is to bring people together to reimagine what’s possible, collaborate and innovate solutions to the world’s most significant energy and environmental sustainability challenges. Grow with us as we embark on building tomorrow together by being the safest, most diverse and most profitable...

  • Principal Database Administrator

    Found in: Resume Library US A2 - 3 days ago

    Philadelphia, Pennsylvania, United States City of Philadelphia Full time

    Job Description Position Summary: The Principal Database Administrator (PDA) is responsible for providing technical planning, design, implementation of initiatives as well as oversight of existing database instances and applications integration. This includes but is not limited to overseeing the development and organization of the databases, assessment and...

  • Electrical Engineer

    1 week ago

    Allentown, United States Talen Energy Full time

    Talen Energy is seeking an experienced electrical engineer for their central engineering group. The role will perform engineering related functions for electric power generating stations that includes transformers, switchgears, PLCs, motors, wiring, etc., and would function as a subject matter expert for a number of those items depending upon areas of...

  • Pen Test Risk Valid Principal

    Found in: Talent US C2 - 3 weeks ago

    Allentown, United States PPL Services Corporation Full time

    Responsibilities Scope and perform penetration testing and vulnerability research of complex proprietary software and hardware for PPL and its operating companies. Identify and assess vulnerabilities in systems and applications. This includes utilizing manual and automated testing methods to find and exploit code flaws, misconfigurations, and insecure...

  • ERP Application Support Analyst

    Found in: Appcast Linkedin GBL C2 - 3 weeks ago

    Allentown, United States Robert Half Full time

    Robert Half is hiring an ERP Application Support Analyst.Hybrid role. 1 day onsite a weekResponsibilities:- Tier 2 and 3 tickets- Onboarding/offboarding of users- Troubleshooting hardware issues,- Working on projects for system upgrades- Work with IT Teams and vendors to troubleshoot security/network issuesProvide ongoing maintenance, support and development...

  • ERP Application Support Analyst

    Found in: Appcast US C2 - 2 weeks ago

    Allentown, United States Robert Half Full time

    Robert Half is hiring an ERP Application Support Analyst.Hybrid role. 1 day onsite a weekResponsibilities:- Tier 2 and 3 tickets- Onboarding/offboarding of users- Troubleshooting hardware issues,- Working on projects for system upgrades- Work with IT Teams and vendors to troubleshoot security/network issuesProvide ongoing maintenance, support and development...

  • Sr. Network Security Engineer

    2 weeks ago

    Allentown, United States Core BTS Full time

    Job Description Job Description Our client is seeking a highly experienced Senior Security Network Engineer to join our team. As the Senior Security Network Engineer, you will be responsible for designing, implementing, and maintaining network security policies and controls that protect our organization from cyber threats. You will be working with various...

  • School Security Officer

    5 days ago

    Allentown, United States Standing Stone Consulting Inc. Full time

    Duties will include (but are not limited to) monitoring bus duties, completing Security rounds of the property, assisting in managing in all types of situations, occasionally working weekend or evening events as requested by the school, completing tasks assigned/requested by the district, providing professional service and advice in the areas of security,...

  • Junior System Security Architect

    2 weeks ago

    Allentown, United States NavitsPartners Full time

    Job DescriptionJob DescriptionTitle: Junior System Security ArchitectPersonnel QualificationsAt least five (5) years of experience with performing information security for on premise and cloud application.Establish processes and procedures for best practices.Be familiar with HCM/CRM applications, financials applications, databases, and a variety of...

  • Sr. Network Security Engineer

    2 weeks ago

    Allentown, United States Core BTS Full time

    Job DescriptionJob DescriptionOur client is seeking a highly experienced Senior Security Network Engineer to join our team. As the Senior Security Network Engineer, you will be responsible for designing, implementing, and maintaining network security policies and controls that protect our organization from cyber threats. You will be working with various...

  • Associate Chief Information Security Officer

    6 days ago

    Allentown, United States St. Luke's University Health Network Full time

    Luke's are our most valuable asset! and improve access to care in the communities we serve, regardless of a patient's ability to pay for health care. The Associate Chief Information Security Officer will direct and oversee the information security operational readiness and day to day operational concerns within the organization, focusing on efforts to...

  • Senior Network Security Engineer

    Found in: Appcast Linkedin GBL C2 - 13 hours ago

    Allentown, United States The Denzel Group Full time

    The Senior Network Engineer - Security is responsible for the collaboration and implementation of network security solutions developed by the Information Security and Networking Architects that have been approved by the Chief information Security Officer and Senior Director of Infrastructure. Works on security related projects, initiatives or remediation...

  • Senior Network Security Engineer

    1 day ago

    Allentown, United States The Denzel Group Full time

    The Senior Network Engineer - Security is responsible for the collaboration and implementation of network security solutions developed by the Information Security and Networking Architects that have been approved by the Chief information Security Officer and Senior Director of Infrastructure. Works on security related projects, initiatives or remediation...

  • Senior Network Security Engineer

    Found in: Appcast US C2 - 2 days ago

    Allentown, United States The Denzel Group Full time

    The Senior Network Engineer - Security is responsible for the collaboration and implementation of network security solutions developed by the Information Security and Networking Architects that have been approved by the Chief information Security Officer and Senior Director of Infrastructure. Works on security related projects, initiatives or remediation...