Entergy IT Security - Threat and Vulnerability Management Analyst III, Sr, or Sr Lead in The Woodlands, Texas
Date: Nov 7, 2019
Location: The Woodlands, Texas, United States
This position can be filled in Little Rock, AR, New Orleans, LA or The Woodlands, TX.
The official title for this position will be Info Sec Analyst, with the level being determined based on the selected candidate's experience.
Brief Position Description
The Threat and Vulnerability Management Analyst is responsible for supporting IT leadership by assisting in the establishment, maintenance and evolution of an enterprise-wide Threat and Vulnerability Management Function (TVM) in Information Security, to model, detect, prevent and remediate threats and vulnerabilities, as well as risk analysis and impact assessment. This role is responsible for threat identification and vulnerability management across all device & hosting categories. The Sr. Consultant, TVM is responsible for program maintenance, including tool maintenance and oversight of proactive intrusion testing. Supports coordination of the TVM function with all areas of the IT organization, other business unit stakeholders, and governmental agencies as required.
Key responsibilities include:
Implement necessary TVM policies, procedures and reference architectures that are in compliance with statutory, regulatory, and internal requirements that cover internal and external parties; regulated and non-regulated physical, Operational Technology, and business systems throughout the enterprise
Monitor and respond to regulatory developments and industry best practices in a timely manner
Execute on vulnerability remediation guidance
Responsible for security patching & related compliance requirements – oversight, discovery, monitoring implementation & reporting
Discover, evaluate and oversee deployment of applicable patches across all asset classes (e.g. mobile, firewall, servers)
Satisfy strict North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54) compliance & reporting requirements
Drive process excellence and maturity to push the envelope on delivering a world-class TVM function
Assist in management of annual penetration testing including RFP process, managing 3rd parties executing the tests, scoping, communicating internally, acting on output from testing and taking necessary corrective actions
Responsible for management of cyber vulnerability assessments and satisfying specific requirements to ensure security of the environment in compliance with NERC CIP and NRC Nuclear Cyber (10 CFR 73.54)
Assist in establishing a reliable TVM function for all operational technology including power generation units, nuclear plants, electric substations, SCADA, distribution automation, advanced metering infrastructure (AMI)
Assist in threat modeling to determine threats that pose biggest risk to the business and mitigation plans according to their risk weighting; execute on mitigation plans
Responsible for vulnerability scanning process, schedule & operational monitoring across all device classes (server, desktop, mobile, etc.) and hosting models (on-prem, external, cloud)
Manage to KPIs to measure performance of the TVM function and report trends; execute on any necessary remediation
Support in leading digitization efforts to automate routine playbooks and identify opportunities for automation
Prepare management reporting on known threats, vulnerabilities, patching, mitigating actions and risk acceptance
Collaborate and work across other IT areas to assess & mitigate security risks and provide technical guidance as needed
Support incident response and investigation of security incidents including root cause analysis
Mentor and develop junior resources
III: 2-3 years of cyber security experience across multiple disciplines (network engineering, application security, database, threat detection/mitigation, risk management, project management, etc.)
Sr: 3-5 years of cyber security experience across multiple disciplines (network engineering, application security, database, threat detection/mitigation, risk management, project management, etc.)
Sr Lead: 5+ years of cyber security experience across multiple disciplines (network engineering, application security, database, threat detection/mitigation, risk management, project management, etc.)
Minimum of 1 year of experience working with vulnerability scanning tools such as Tenable Security Center, Nessus, Qualys, Fortify, Checkmarx, WebInspect, AppScan, etc.
Experience working with outsourced teams
Experience operating enterprise infrastructure in a role aligned with or responsible for vulnerability management (patch management, configuration management, remediation, etc.)
Demonstrated experience with vulnerability assessment, remediation, and reporting, including comprehensive understanding of Vulnerability Management methodologies and procedures and application and infrastructure vulnerability scanning solutions
Experience with a variety of security controls & technologies like DLP, AV, log management and anti-malware
Windows, UNIX, and Linux operating systems
Minimum knowledge, skills, and abilities required of the position
Extensive knowledge of security ramifications of energy related regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54))
Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL
Knowledge of current IT Security trends and best practices in technology, as well as penetration testing of applications and infrastructure, vulnerability and risk assessment, security assessments of network infrastructure, hosts and applications, forensics and troubleshooting
Working knowledge with scripting languages such as Perl or Python
Clear understanding of cloud computing and the risks and benefits of using a vendor’s remote servers to store, manage, and process an organization’s data
Solid report writing and communication and ability to effectively communicate cyber awareness across the IT organization
The ability to work well independently or with a team
Available to travel
Capable of meeting deadlines
Associate’s degree in computer science, cyber security or a related discipline or equivalent work experience.
Bachelor’s degree preferred.
Any certificates, licenses, etc., required for the position
ISACA certification, such as CISSP, CISM, CISA
Vendor credentials offered by companies such as Microsoft and Cisco
Primary Location: Texas-The Woodlands
Job Function: Information Technology
FLSA Status: Professional
Relocation Option: No Relocation Offered
Union description/code: NON BARGAINING UNIT-NBU
Number of Openings: 1
Req ID: 89358
Travel Percentage: Up to 25%
An Equal Opportunity Employer, Minority/Female/Disability/Vets.
As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.