Entergy Information Security Engineer III, Sr, or Sr Lead in Little Rock, Arkansas
Information Security Engineer III, Sr, or Sr Lead
Date: May 26, 2021
Legal Entity: Entergy Services, LLC
This position may be filled in Little Rock AR, The Woodlands TX, or New Orleans LA
This position will be filled as an Information Security Engineer III, Sr, or Sr Lead depending on the candidates experience and qualifications
Entergy Corporation is an integrated energy company engaged primarily in electric power production and retail distribution operations. Entergy owns and operates power plants with approximately 30,000 megawatts of electric generating capacity, including 8,000 megawatts of nuclear power. Entergy delivers electricity to 2.9 million utility customers in Arkansas, Louisiana, Mississippi, and Texas. Tracing its history to 1913 and headquartered in New Orleans, Louisiana, Entergy has annual revenues of $11 billion and more than 13,000 employees.
The company’s utility business provides electric retail and wholesale power to customers in four states through five utility operating companies: Entergy Arkansas, LLC; Entergy Louisiana, LLC; Entergy Mississippi, LLC; Entergy New Orleans, LLC; and Entergy Texas, Inc. Entergy also delivers natural gas services to 200,000 customers in New Orleans and parts of Baton Rouge, Louisiana. Entergy is winding down its wholesale generation business, which provides power to wholesale customers primarily from our two remaining nuclear facilities located in the northern United States.
The electric utility industry is rapidly changing, and Entergy is entering an exciting period of growth as we prepare for the future. We are building the premier utility, a utility that delivers sustainable value to all its stakeholders – our customers, employees, communities, and owners – as measured by strong net promoter scores, high levels of service, superior and affordable products and services, highly skilled and engaged employees, and industry-leading financial performance. We are focusing our sights on three key priorities – customer centricity, continuous improvement, and creating a culture of belonging for our employees. Join us as we take the next step on our journey to building the premier utility.
Brief Position Description:
The Information Security Engineer is responsible for maintaining and evolving a successful security engineering function within Information Security. The security engineering team owns successful deployment and operation of security monitoring tools and processes designed for real-time analysis of events and alerts generated across the enterprise to protect the company’s assets, solutions, and services by reducing time to triage security incidents and risks. This role coordinates security capabilities and industry best practices with all areas of the enterprise.
Key responsibilities include:
Implement necessary monitoring policies, reference architectures, and procedures in compliance with statutory and regulatory requirements covering internal and external parties, regulated and non-regulated physical, operational and business systems throughout the enterprise
Assist in satisfying specific requirements to ensure security of the environment in compliance with North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54)
Execute on strategy & technology roadmap for the Security Information Event Management (SIEM) platform
Drive process excellence and maturity to push the envelope on delivering a world-class Cyber Security function to protect Entergy against cyber threats
Support life-cycle management of the SIEM platform, including assistance with coordination and planning of upgrades, new deployments, and maintenance of current operational systems
Execute on world-class cyber defense capability for all information technology and operational technology assets including power generation units, nuclear plants, electric substations, SCADA, distribution automation, advanced metering infrastructure (AMI), email, and networks.
Work closely with Consolidated Security Operations Center (CSOC), Threat & Vulnerability Management (TVM), other internal/external teams and management in a 24x7 operational environment
Execute the processes to monitor, analyze, and correlate logs and alerts across multiple platforms to identify advanced threats or incidents affecting the enterprise aiding in the development of use case content. This includes logs, network, endpoints, authentication, and web activity
Assist in maintaining documentation and evidence to be used for after action reporting and/or legal evidence
Monitor and respond to regulatory developments and industry best practices, with manager direction
Accountable for execution of security engineering support of all device classes (server, desktop, mobile, etc.), hosting models (on-premise, external, cloud) and applications to which security platforms apply
Work closely with all teams in Information Security to implement use cases for monitoring
Deliver on KPIs to measure effectiveness of security engineering and report trends
Support security orchestration efforts and help to identify opportunities for automation
Collaborate and work across other IT and Information Security areas to design and onboard new systems to follow monitoring standards and best practices
Oversee and review work of junior resources as needed
Minimum Experience required:
Info Sec Eng III : Two to three years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, application security, database, risk management, project management, etc.)
Info Sec Eng Sr : Three to five years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, application security, database, risk management, project management, etc.)
Info Sec Eng Sr Lead : Five plus years of cyber security experience across multiple disciplines (monitoring, logging, event correlation, configuration, behavior analytics, network engineering, application security, database, risk management, project management, etc.)
Minimum of 1 years of experience working with Security Information Event Management platforms, like Splunk
Experience working with outsourced teams
Experience with vulnerability management, event management, security operations, incident management, and security reporting
Experience in designing, building, implementing, and supporting security monitoring solutions
Minimum knowledge, skills, and abilities required of the position:
Demonstrated technical engineering and process management skills and the ability to advocate and support positive transformation within the broader information technology organization
Broad knowledge of multiple UNIX OS platforms and Windows-based operating systems
Well-versed in security operations, cyber security monitoring, intrusion detection, and secured networks
Strong knowledge of security ramifications of energy related regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54)
Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL
Knowledge of current IT Security trends and best practices in technology, as well as monitoring best practices and tools
Working knowledge with scripting languages such as Perl or Python
Strong understanding of cloud computing and patterns involved in monitoring across cloud, hosted and on-prem architectures.
Strong report writing and communication and ability to effectively communicate across the IT organization
The ability to work well independently or with a team
Available to travel
Capable of meeting deadlines
Minimum Education required:
Associate’s degree in computer science, cyber security or a related discipline or equivalent work experience.
Bachelor’s degree preferred.
Any certificates, licenses, etc., required for the position:
ISACA certification, such as CISSP, CISM, CISA or GIAC certifications preferred
Vendor credentials offered by companies such as Microsoft, Cisco, or Splunk
Primary Location: Arkansas-Little Rock
Job Function :Information Technology
FLSA Status :Professional
Relocation Option: No Relocation Offered
Union description/code :NON BARGAINING UNIT-NBU
Number of Openings :1
Req ID: 102264
Travel Percentage :Up to 25%
An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please clickhere (https://jobs.entergy.com/content/EEO/?locale=en_US) to view the full statement.
As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Job Segment: Information Security, Engineer, Nuclear Engineering, Computer Science, Security, Technology, Engineering