Ppl Llc
It's fun to work in a company where people truly BELIEVE in what they're doing!

*We're committed to bringing passion and customer focus to the business.*

Our people make all the difference in our success.

Public Partnerships LLC supports individuals with disabilities or chronic illnesses and aging adults, to remain in their homes and communities and self-direct their own long-term home care. Our role as the nation's largest and most experienced Financial Management Service provider is to assist those eligible Medicaid recipients to choose and pay for their own support workers and services within their state-approved personalized budget.

We are appointed by states and managed healthcare organizations to better serve more of their residents and members requiring long-term care and ensure the efficient use of taxpayer-funded services. Our culture attracts and rewards people who are results-oriented and strive to exceed customer expectations. We desire motivated candidates who are excited to join our fast-paced, entrepreneurial environment, and who want to make a difference in helping transform the lives of the consumers we serve. (Learn more at www.pplfirst.com.)

**Position Title:** SOC Analyst

**Reports to:** Director of Cybersecurity

**Duties & Responsibilities:**

**Job Summary**

We are seeking a skilled and motivated SOC Analyst to join our Security Operations Center team. In this role, you will be responsible for monitoring, analyzing, and responding to security threats using a variety of tools and technologies. The ideal candidate will possess strong technical expertise, analytical thinking, and a proactive approach to detecting and mitigating cybersecurity risks.

**Key Responsibilities**

**Cybersecurity & Fraud Investigations**

* Support cybersecurity and fraud investigations by correlating digital forensic artifacts with behavioral indicators and transaction logs.
* Perform forensic analysis across endpoints, servers, cloud infrastructure, and logs to reconstruct cyber and fraud incidents.
* Collaborate with fraud, compliance, and legal teams to investigate suspicious financial and identity-based activities.
* Develop threat profiles and fraud detection patterns to improve correlation rules and proactive alerting.

**Security Monitoring & Detection**

* Monitor security alerts and events from SIEM and other security monitoring sources.
* Analyze application logs (authentication, transactions, API activity) to identify anomalies and potential fraud indicators.
* Conduct alert triage, prioritize security events, and escalate incidents as required.
* Perform proactive threat hunting and anomaly detection using endpoint and network data.

**Incident Response & Forensics**

* Respond to and contain security incidents, coordinating with internal teams as needed.
* Utilize EDR tools (e.g., Microsoft Defender, CrowdStrike), forensic platforms, packet analyzers, and case management systems.
* Participate in post-incident reviews and support in-depth forensic investigations.

**Security Operations & Continuous Improvement**

* Create, update, and maintain detailed incident tickets documenting findings and actions taken.
* Assist in developing and tuning detection rules, dashboards, and security reports.
* Maintain awareness of emerging threats, vulnerabilities, and attack techniques.
* Develop and maintain SOC documentation, including SOPs, runbooks, and security best practices.

**Required Skills:**

* Strong ability to support cybersecurity and fraud investigations by correlating digital forensic artifacts with behavioral indicators and transaction data.
* Hands-on experience performing forensic analysis across endpoints, servers, cloud environments, and log sources to reconstruct cyber and fraud incidents.
* Proficiency collaborating with fraud, compliance, legal, IT, and security teams during investigations involving financial or identity-based threats.
* Practical experience with security tools, including EDR platforms (e.g., Microsoft Defender, CrowdStrike), forensic tools, packet analyzers, SIEMs, and case management systems.
* Ability to develop threat profiles and fraud detection patterns to enhance correlation rules and proactive alerting capabilities.
* Demonstrated experience monitoring and analyzing security alerts and events from SIEM and other monitoring platforms.
* Strong skills in analyzing application and system logs (authentication, transaction, API activity) to identify security anomalies and fraud indicators.
* Proven capability to analyze security incidents to determine impact, scope, root cause, and remediation actions.
* Experience executing incident response and containment, coordinating effectively with internal stakeholders.
* Strong documentation skills, including creating and maintaining incident tickets with detailed findings and timelines.
* Ability to perform alert triage, prioritize events, and escalate incidents based on severity and risk.
* Experience conducting threat hunting and anomaly detection using endpoint, network, and log data.
* Solid understanding of current threats, vulnerabilities, and attack techniques affecting enterprise environments.
* Experience assisting with the creation, tuning, and optimization of detection rules, dashboards, and security reports.
* Ability to participate in post-incident reviews and support deeper forensic investigations.
* Knowledge of SOC operations, including developing and maintaining SOPs, runbooks, and security best practices.

**Qualifications:**

* Education: Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent experience.
* Minimum 2-4+ years of experience in security operations, incident response, or a similar cybersecurity role.
* Experience with SIEM tools (e.g., Sentinel, Splunk, QRadar, LogRhythm, ArcticWolf, DataDog).
* Understanding of network protocols, operating systems, and common threat actor techniques (MITRE ATT&CK framework).
* Familiarity with firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus, and endpoint detection tools.
* Strong analytical, problem-solving, and communication skills.
* Ability to work in a 24/7 on-call rotation or shift-based environment if required.

**Preferred Attributes:**

* Security certifications such as CompTIA Security+, CISSP, CISM, CEH, GCIA, GCIH, or SSCP, etc.
* 7-10 years' experience in lieu of a bachelor's degree.
* Experience with scripting languages (e.g., Python, PowerShell) for automation.
* Knowledge of cloud security (AWS, Azure, or GCP).
* Experience in vulnerability management and threat intelligence.

**Compensation Range: $105,000-$120,000**

**Working Conditions:**

* Office and remote work.
* Up to 10% of travel expected.

**Supervisory Responsibility** (If applicable):
**The above is intended to describe the general contents and requirements of work being performed by people assigned to this classification. It is not intended to be construed as an exhaustive statement of all duties, responsibilities, or skills of personnel so classified.**

PPL is an Equal Opportunity Employer dedicated to celebrating diversity and intentionally creating a culture of inclusion. We believe that we work best when our employees feel empowered and accepted, and that starts by honoring each of our unique life experiences. At PPL, all aspects of employment regarding recruitment, hiring, training, promotion, compensation, benefits, transfers, layoffs, return from layoff, company-sponsored training, education, and social and recreational