Senior Director Cyber Operations & Threat Intelligence

PPL CorporationLouisville, KY
Hybrid

About The Position

The Senior Director of Cyber Operations leads PPL’s enterprise cyber defense organization, responsible for Security Operations (SOC), Threat Intelligence, Detection Engineering, Security Engineering, and Security Orchestration, Automation, and Response (SOAR). This role oversees the day-to-day protection of a critical infrastructure environment and leads the ongoing transformation to a modern, intelligence-driven and automation-first cyber program. The leader will integrate emerging capabilities such as Agentic SOC architectures, Machine-driven Cyber Platforms (MCP), Attack Surface Management (ASM), and risk-based Vulnerability Management, while aligning operations to industry frameworks including NIST Cybersecurity Framework (CSF), NIST AI Risk Management Framework (AI RMF), and NERC CIP.

Requirements

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
  • 20+ years of experience in cybersecurity or a related field, with demonstrated experience in a senior leadership role.
  • Proven experience in managing cybersecurity operations and incident response
  • Strong leadership and project management skills
  • Excellent communication and collaboration abilities
  • In-depth knowledge of cybersecurity frameworks and best practices
  • Proficiency in security tools and technologies
  • Experience managing large, diverse teams and leading complex projects
  • Understanding of Agile principles and methods
  • Strong communication and collaboration skills with technical and non-technical stakeholders
  • Ability to adapt to new technologies and methodologies
  • Ability to align IT transformation initiatives with the overall business strategy

Nice To Haves

  • Master’s degree
  • Advanced degree or relevant certifications (e.g., CISSP, CISM, would be a plus)
  • Utilities industry experience

Responsibilities

  • Lead and evolve PPL’s 24x7 SOC operations, including monitoring, detection, and incident response
  • Direct cyber operations across: Security Operations Center (SOC), Threat Intelligence, Detection Engineering, Security Engineering, SOAR / automation platforms
  • Drive operational maturity aligned to NIST CSF domains (Detect, Respond, Recover)
  • Maintain executive-ready visibility into cyber risk, operational performance, and incident posture
  • Lead enterprise cyber incident response and coordination, including high-impact events
  • Establish and mature playbooks, escalation models, and executive communication protocols
  • Partner with legal, compliance, and business leadership during cyber events
  • Ensure readiness through exercises aligned to NERC CIP and resilience requirements
  • Operationalize intelligence-led defense by integrating threat intelligence into detection use cases
  • Lead detection engineering program to improve fidelity, reduce noise, and expand coverage
  • Advance proactive threat hunting capabilities across enterprise and critical systems
  • Own design, implementation, and optimization of cyber tooling and platforms
  • Lead transition toward automation-first and Agentic SOC capabilities
  • Deploy and scale: Advanced SIEM and XDR capabilities, SOAR platforms and playbook automation, MCP / AI-enabled cyber decision support systems
  • Ensure secure adoption and governance of AI in cyber operations aligned to NIST AI RMF
  • Establish integrated Attack Surface Management (ASM) across enterprise and external footprint
  • Lead risk-based vulnerability management program prioritizing remediation based on threat context and business criticality
  • Integrate asset, exposure, and threat data to drive measurable risk reduction
  • Ensure cyber operations align with NERC CIP requirements and broader regulatory obligations
  • Partner with compliance teams to support audits, evidence collection, and continuous improvement
  • Coordinate with OT/IT teams to protect grid operations and critical systems
  • Lead a multi-disciplinary team spanning SOC, engineering, and threat intelligence functions
  • Develop talent, succession pipelines, and leadership bench strength
  • Foster a culture of accountability, innovation, and continuous improvement
  • Drive alignment with enterprise cybersecurity strategy and “Guardians of the Grid” mission
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service