Entergy Jobs

Job Information

Entergy Manager, Network Security in Little Rock, Arkansas

Manager, Network Security

Date: Nov 10, 2022

Location: The Woodlands, Texas, United States

Company: Entergy

Posting End Date:

Work Place Flexibility: Hybrid

The preferred location for these positions is The Woodlands, TX. Little Rock, AR may also be considered.

Brief Position Description

The Network Security Manager is responsible for securing Entergy’s computer network from internal and external threats across all corporate IT, Operational Technology (OT), Wireless, office locations and physical assets such as power plants and substations. The manager will create sustainable processes and drive automation opportunitiesto monitor, control access, detect malicious/anomalous network traffic, maintainestablished levels of service, and remediate any gaps to achieve optimal level of security in the organization’s computer networks. The manager will also ensure that network security operations are maintained to be audit ready in compliance with NRC Nuclear Cyber & NERC CIP regulations.

The Manager will report to the Director of Architecture and Engineering and will manage a team of employees and a flexible pool of contingent and 3rd party workers depending on operational and project needs.

Key responsibilities include:

  • Develop and implement the strategy, roadmap, and delivery plans for Network Security in coordination with the Security Architecture function.

  • Own day-to-day operations and maintenance of all the systems/components involved in Network Security

  • Oversees the design, configuration, and maintenance of network security devices and technologies such as firewalls, VPNs, Intrusion Detection/Prevention Systems (IDS/IPS), certificate management, packet brokers, DNS, DHCP and software defined networks (SDN) and network segmentation technologies.

  • Establish and periodically review the security policies of the network considering the prevention criteria and techniques which are necessary to ensure perimeter security against the most common incidents, as well as the corresponding regulations, processes, and training of the users

  • Operate and maintain Certificate Authorities and Certificatevalidation infrastructures.

  • Establish a technically resilient certificate revocation status checking infrastructure & process

  • Ensure network security & operations comply with specific requirements of North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54)

  • Drive process excellence and maturity to push the envelope on delivering world-class network securityfor all corporate and operational technology needs, including power generation units, nuclear plants, electric substations, SCADA, distribution automation, and advanced metering infrastructure (AMI)

  • Assist in periodic network security assessments and reviews for evidence of vulnerability or compromise and lead in the implementation of network security solutions

  • Collaborate with other towers within Information Security to create and maintain behavior profiles used to detect anomalous behavior, including intrusion detection, network configuration changes and attempts to breach the perimeter.

  • Proactively monitor network security trends, baselines and best practices and suggest changes to policy, procedures, and tools to enhance Entergy’s network security posture

  • Attend technical engagement with audit, regulators, clients, and third parties, when required

  • Produce and track metrics for the effectiveness and maturity of network security operations

  • Lead digitization efforts to automate routine playbooks and identify opportunities for automation

  • Determine staffing requirements, including recruiting, hiring, training, development, and retention of highly qualified team members

  • Support program planning, engineering work breakdown structure, work management, task estimation, scheduling, change management and quality control of the network security team’s deliverables

Experience needed

  • Five to seven years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, application security, database, risk management, project management, etc.)

  • Minimum of 3 years of hands-on experience managing network security operations.

  • Design, setup and configure complex network and firewall environments including Software Defined Networks (SDN)

  • Hands on experience designing, developing, testing, and implementing Network Security solutions

  • Experience evaluating and implementing emerging industry-standard PKI Technologies

  • Experience working with and managing outsourced teams & vendors

  • Demonstrated organizational and scheduling skills, strong time management skills

  • Proven ability to lead a team of engineers, architects, and/or external resources

  • Strategically oriented and can influence at the org and enterprise level as needed

  • Expertise in working in partnership with colleagues throughout the enterprise, and in leading collaborative teams to achieve common goals

  • Experience with network & security technologies from leading vendors such as Checkpoint, Palo Alto, Fortinet, Citrix, Cisco, F5, McAfee

  • Proven experience with network design and implementation, network hardware configuration and troubleshooting, capacity planning and performance tuning

Education needed

Bachelor’s degree in computer science, cyber security or a related discipline required. Advanced degree is a plus.

Minimum knowledge, skills, and abilities required of the position

  • Deep understanding of general networking and design (Firewalls, DNS, DHCP, VPNs, Routing, Load Balancing, TCP/IP, Packet trace and analysis)

  • Strong knowledge of networking and security tools from leading vendors Checkpoint, Palo Alto, Fortinet, Citrix, Cisco, F5, McAfee

  • Understanding of various industry standards including NERC and/or NIST standards; specific focus on NIST Cyber Security framework

  • Able to be a hands-on manager with technical engineering and process management skills and the ability to advocate and influence positive transformation within the broader information technology organization

  • Deep knowledge of multiple UNIX OS platforms and Windows-based operating systems

  • Well-versed in security operations, cyber security monitoring, intrusion detection, and secured networks

  • Proficient in security ramifications of energy related regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54)

  • Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL

  • Knowledge of current IT Security trends and evolutions in networking

  • Working knowledge with scripting languages such as Perl or Python

  • Excellent report writing and ability to effectively communicate across the organization

  • Available to travel

  • Self-motivated, with the ability to manage and follow up on multiple tasks simultaneously

  • Capable of meeting deadlines and budgets

  • Ability to coordinate with Entergy’s Audit, Legal, Supply Chain, Communications, Corporate Security and Risk Management organizations to understand requirements and ensure compliance with cyber security policies and standards

Any certificates, licenses, etc., required for the position

ISACA certification, such as CISSP, CISM, CISA are a plus

Relevant vendor credentials are a plus

#LI-JL1

#LI-Hybrid

Primary Location: Texas - The Woodlands Arkansas : Little Rock || Texas : Houston || Texas : The Woodlands

Job Function : Information Technology

FLSA Status : Professional

Relocation Option: No Relocation Offered

Union description/code : NON BARGAINING UNIT-NBU

Number of Openings : 2

Req ID: 109560

Travel Percentage : Up to 25%

An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please clickhere (https://jobs.entergy.com/content/EEO/?locale=en_US) to view the EEO page, or see statements below.

EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.

Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click here (humanr@entergy.com?subject=Accessibility) and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.

Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.

Entergy Pay Transparency Policy Statement: The Entergy System of Companies (the Company) will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company’s legal duty to furnish information. 41 CFR 60-1.35(c). Equal Opportunity (https://www.dol.gov/agencies/ofccp/manual/fccm/2l-equal-opportunity-clauses-and-other-requirements/2l00-equal-opportunity) and Pay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf) .

The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please contact HRCompliance@entergy.com to schedule a time to review the affirmative action plan during regular office hours.

WORKING CONDITIONS:

As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.

Job Segment: Network Security, Network, Compliance, Cyber Security, Nuclear Engineering, Security, Technology, Legal, Engineering

DirectEmployers