Entergy Information Security Engineer III or Sr (OT Cyber Security) in The Woodlands, Texas
Information Security Engineer III or Sr (OT Cyber Security)
Date: May 12, 2021
Legal Entity: Entergy Services, LLC
This position may be filled in any city within Entergy's service territory
At Entergy, we’ve been planning for the future for more than 100 years. We’ve experienced a lot of change, generating power first from sawdust to now splitting atoms, harnessing sunlight and using abundant, clean and efficient natural gas.
We are on the verge of a monumental technology convergence, where reality swiftly catches up to possibility. The utility of the future does much more than keep the lights on and the gas flowing. It’s knowledgeable and skillful workforce will solve challenges and fuel a brighter, smarter, more prosperous future for everyone.
Having the lowest retail electricity rates of any utility in the United States drives economic growth within Entergy’s region, a key ingredient to sustained growth for any utility. We also believe a diverse workforce committed to personal and professional growth is critical to our success. We place a high priority on developing talent to meet current and future needs, giving employees opportunities to grow their careers their way.
Brief Position Description
The OT Cyber Security team executes the activities required to secure Entergy’s critical systems and assets as well as meet or exceed Entergy’s commitment and obligation to the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) standards. This position is expected to have operational expertise in areas of information technology, operational technology, cyber security, electrical power, professional auditing, and risk-based compliance processes. Engineers are accountable to perform daily assigned activities, escalation of issues identified while performing daily activities, and identification and implementation of process improvement opportunities while ensuring Entergy is able to demonstrate compliance with the NERC CIP requirements.
Key responsibilities include:
Support implementation and maintenance of the OT asset life-cycle management
Ensure OT cyber assets meet or exceed regulatory requirements and industry best practices
For OT environments, responsible for ensuring security and compliance with relevant regulatory compliance requirements (e.g. North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP), etc. Including but not limited to:
Functional Groups (Ports & Services)
Electronic Security Perimeters (ESP)
Asset inventory and classification
Commissioning new assets including substations, control centers, data centers
Configuration management and security baselines
Monitor systems for non-compliance with standards and escalate to appropriate members of leadership.
Support change management initiatives and weekly activities, including Change Advisory Board review and approvals
Participate in disaster recovery planning, preparation and testing.
Be an active member in preparation for required audits
Participate in audit interviews as directed by leadership
Identify and Implement process improvement opportunities
Expand services provided as directed by leadership
Other duties as required
Level III: 3 to 5 years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, application security, database, risk management, project management, etc.)
Level Senior: 5 to 7 years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, application security, database, risk management, project management, etc.)
Experience working with outsourced teams
Exposure to operational best practices like ITIL
Understanding of vulnerability assessment, event management, operations, incident management and reporting
Understanding of SIEM, configuration and monitoring technologies such as Splunk, Tripwire, Symantec
Understanding of NERC CIP Standards
Ability to work effectively with team members and with customers
Strong organizational and time management skills
Minimum knowledge, skills, and abilities required of the position
Hands-on technical engineering and process management skills and the ability to advocate positive transformation within the broader information technology organization
Commitment to customer service with strong oral and written communication skills
Knowledge of multiple UNIX OS platforms and Windows-based operating systems
Knowledgeable about security operations, cyber security monitoring, intrusion detection, and secured networks
Strong knowledge of security ramifications of energy related regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54)
Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL
Understanding of current IT Security trends and best practices in technology, as well as monitoring best practices and tools
Knowledge with scripting languages such as Perl or Python
Strong writing and communication skills
Available to travel
Self-motivated, with ability to manage and follow up on multiple tasks simultaneously
Capable of meeting deadlines
Associate’s degree in computer science, cyber security or a related discipline or equivalent work experience. Bachelor’s degree preferred.
Any certificates, licenses, etc., required for the position
ISACA certification, such as CISSP, CISM, CISA recommended
Relevant vendor credentials offered by companies such as Cisco recommended
Primary Location: Texas-The Woodlands
Job Function :Information Technology
FLSA Status :Professional
Relocation Option: No Relocation Offered
Union description/code :NON BARGAINING UNIT-NBU
Number of Openings : 1
Req ID: 100759
Travel Percentage :25% to 50%
An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please clickhere (https://jobs.entergy.com/content/EEO/?locale=en_US) to view the full statement.
As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Job Segment: Engineer, Information Security, Electrical, Cyber Security, Security, Engineering, Technology
- Entergy Jobs