Get Into Energy Jobs

Job Information

PPL Corporation Application Security Architect- Remote in Allentown, Pennsylvania


Internal Title:

Application Security Architect- Remote

Primary Responsibilities:

Leads projects, analyzes and solves complex problems, and recommends solutions in the below areas.

Application Security:

  • Lead development of security architecture and design, for a wide range of hardware/ software products and services.

  • Lead definition of secure-SDLC (system development lifecycle) and product security maturity model, to adopt a shift-left approach to security.

  • Develop security controls and processes for products developed and deployed in cloud environments.

  • Develop in-depth security architecture, design and coding standards across infrastructure, application, and data security, to drive a standardized set of security requirements, and align with internal policies and meet external compliance/regulatory requirements.

  • Perform threat modeling, conduct reviews of security architecture and platform/service designs, and audit source code.

  • Drive open innovation in product security best practices through industry collaboration.

  • Provide product security related coaching and mentoring to elevate security expertise of development teams.

Product Ownership:

  • Responsible for vision of cybersecurity products.

  • Drive cybersecurity requirements as a chapter lead.

  • Determine security requirements by evaluating business strategies and requirements.

  • Identify functional and technical cybersecurity requirements, integration needs and prepare cost estimates.

  • Integrate technical, managerial, and financial considerations when sponsoring solutions.

  • Technical acumen and experience in implementing secure business technology, including finance, human capital management, logistics, supply chain and corporate functions

Thought Leadership:

  • Track and understand emerging cybersecurity practices and standards by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations.

  • Research information security standards, conducting system security and vulnerability analyses, and risk assessments, studying architecture/platform evolution.

  • Develop criteria to assess and validate IT security risks (e.g., DLP, IDS, NERC CIP) and relevant security architectures.

  • Provide technical and thought leadership for the development of security architectures.

  • Apply a working knowledge of security models and methods for integrating security into a system architecture.

  • Ability to influence a significant transformation in the security practices across business technology platforms.

Problem Resolution:

  • Assist in resolving security problems through the appropriate choice of error detection and correction, process control and improvement, or process design strategies.

  • Leverage all available tools and use virtual presence to engage and coordinate work among teammates and peers.

May be assigned an Electric Utilities emergency and storm role. This is a special assignment that comes into play during storms and other emergencies when the company needs to restore power or respond to other issues affecting customer service. This role may necessitate the need to work after-hours, outside of your normal schedule.

Requisition ID:


Position Summary:

Remote Opportunity

The Application Security Architect works to embed security seamlessly into the development lifecycle of technology systems and services. Recognized as an expert within the organization and works independently to skillfully balance security best practices against business drivers, with an evaluation of risk and cost. Uses extensive technical knowledge discipline to proactively solve unique and complex cybersecurity application issues that have a broad impact on the business products. Acts the product owner for project teams to achieve milestones and objectives. Trains and develops staff. May supervise a limited number of individual contributors.

Candidate Qualifications:

Candidates must meet the basic qualifications and pass all required tests or assessments to receive consideration.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility form upon hire.

Experience Level:


Recruiting Location:


Additional Requirements:

The company reserves the right to determine if this position will be assigned to work on-site, remotely, or a combination of both. Assigned work location may change. In the case of remote work, physical presence in the office/on-site may be required to engage in face-to-face interaction and coordination of work among direct reports and co-workers.

This position is a safety-sensitive role. Upon acceptance of a conditional offer, all individuals in safety-sensitive roles are obligated report the use of any medication that may impair their ability to perform the job in a safe manner.

Basic Qualifications:

Basic Qualifications for Lead Level:

  1. Bachelor's degree and 7 years of related work experience OR 10 years of related work experience

  2. Experience with NIST, NERC CIP, SOX and PCI requirements

  3. Proven ability to prioritize and execute tasks

  4. Highly self-motivated and directed with attention to detail

  5. Easily adapts to changing circumstances

  6. Understands business goals and strategic priorities

  7. Promotes respect and can work effectively with diverse groups and environments

Basic Qualifications for Principal Level:

  1. Bachelor's degree in related technical discipline.

  2. More than 15 years experience in related technical discipline and approval of the Chief Information Officer or higher.

  3. Certified Information Systems Security Professional- CISSP

  4. Experience with NIST, NERC CIP, SOX and PCI requirements

  5. Proven ability to prioritize and execute tasks

  6. Highly self-motivated and directed with attention to detail

  7. Easily adapts to changing circumstances

  8. Understands business goals and strategic priorities

  9. Promotes respect and can work effectively with diverse groups and environments

Equal Employment Opportunity:

Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.

Regular or Temporary:


Preferred Qualifications:

Preferred Qualifications for Lead Level:

  1. Experience supporting fast-changing business organizations

  2. NERC CIP Compliance Analysis Certification, System Operator Certification, Certified Information Systems Security Professional (CISSP), GIAC Critical Infrastructure Protection Security Certification

Preferred Qualifications for Principal Level:

  1. Master's degree in related technical discipline or MBA

Full-time or Part-time:


Corporate Summary:

As one of the largest investor-owned companies in the U.S. utility sector, PPL Corporation delivers on its promises to customers, investors, employees and the communities we serve. Our utilities - Western Power Distribution, Louisville Gas and Electric and Kentucky Utilities, and PPL Electric Utilities - provide an outstanding service experience for our customers, consistently ranking among the best in the United States and the United Kingdom. PPL has grown from a company with customers and facilities in one region of Pennsylvania to a diverse energy company with more than 10 million customers in the U.S. and the U.K. PPL provides energy for millions of customers while providing challenging and rewarding careers for thousands of employees around the U.S. and abroad.

Follow PPL Corporation on social media





Follow PPL Electric Utilities on social media






PPL Electric Stories