Vacancy caducado!
Security Engineer III or SrDate: Apr 10, 2024Location: The Woodlands, Texas, United StatesCompany: EntergyPosting End Date:Work Place Flexibility: HybridLegal Entity: Entergy Services, LLCThis position will be filled as an Information Security Engineer III or Sr depending on the candidates experience and qualificationsThis position may be filled in Little Rock AR, The Woodlands TX, or New Orleans LABrief Position Description:The Senior Information Security Engineer is responsible for proactively improving and evolving a successful security engineering function within Information Security. The Security Engineering team owns the deployment and operation of security monitoring tools and processes designed for real-time analysis, triage, and response to events and alerts generated across the enterprise to protect the company’s assets, solutions, and services by reducing time to respond to and if necessary, remediate security incidents and risks. This role coordinates security capabilities and industry best practices with all areas of the enterprise.Key responsibilities include:
Implement necessary monitoring policies, reference architectures, and procedures in compliance with statutory and regulatory requirements covering internal and external parties, regulated and non-regulated physical, operational, and business systems throughout the enterprise
Assist in satisfying specific requirements to ensure security of the environment in compliance with North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54)
Execute on strategy & technology roadmap for the Security Information Event Management (SIEM) platform
Drive process excellence and maturity to push the envelope on delivering a world-class Cyber Security function to protect Entergy against cyber threats
Support life-cycle management of the SIEM platform, and other interconnected or related monitoring platforms including assistance with coordination and planning of upgrades, new deployments, and maintenance of current operational systems
Execute on world-class cyber defense capability for all information technology and operational technology assets including power generation units, nuclear plants, electric substations, SCADA, distribution automation, advanced metering infrastructure (AMI), email, and networks.
Work closely with Consolidated Security Operations Center (CSOC), Threat & Vulnerability Management (TVM), other internal/external teams and management in a 24x7 operational environment
Execute the processes to monitor, analyze, and correlate logs and alerts across multiple platforms to identify advanced threats or incidents affecting the enterprise and aiding in the development of security monitoring use cases. This includes any potential source of security relevant logs and/or data.
Assist in maintaining documentation and evidence to be used for after action reporting and/or legal evidence
Monitor and respond to regulatory developments and industry best practices, with manager direction
Accountable for execution of security engineering support of all device classes (server, desktop, mobile, etc.), hosting models (on-premises, external, cloud) and applications to which security platforms apply
Work closely with all teams in Information Security to implement use cases for monitoring or SOAR
Deliver on KPIs to measure effectiveness of security engineering and report trends
Support security orchestration and automation efforts and help to identify opportunities to improve security response and precision.
Collaborate and work across other IT and Information Security areas to design and onboard new systems to follow monitoring standards and best practices
Oversee and review work of junior resources as needed
Minimum Requirments:Minimum Education required:
Associate degree in computer science, cyber security or a related discipline or equivalent work experience.
Bachelor’s degree preferred.
Minimum Experience required:Information Security Engineer III
4 plus years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, application security, database, risk management, project management, etc.)
1 years of experience working with Security Information Event Management platforms is a plus
Experience working with outsourced teams is a plus
Experience with vulnerability management, event management, security operations, incident management, and security reporting is a plus
Experience in designing, building, implementing, and supporting security monitoring solutions is a plus
Senior Security Engineer:
At least 6 years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, data analytics, application security, database, risk management, project management, etc.)
Experience with Security Information Management, configuration, data aggregation, correlation and monitoring tools like a Securty Incident and Event Management system, Security Monitoring tools, Endpoint Protection Platform and Extended Detection and Response technologies, Configuration Management tools, etc.
Experience working with outsourced teams
Experience with vulnerability assessment, event management, operations, incident management and reporting
Experience in supporting Monitoring Tool solutions
Minimum knowledge, skills, and abilities required of the position (combination of the following):
Demonstrated technical engineering and process management skills and the ability to advocate and support positive transformation within the broader information technology organization
Knowledge of cloud monitoring strategies and techniques
Knowledge of Security orchestration, automation, and response
Knowledge of User and Entity Behavior Analytics
Broad knowledge of multiple UNIX OS platforms and Windows-based operating systems
Well-versed in security operations, cyber security monitoring, intrusion detection, and secured networks
Highly qualified candidates will be able to demonstrate knowledge of multiple of the following:
Strong knowledge of security ramifications of businesses regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54)
Demonstrable experience developing and deploying security orchestration, automation, and response
Demonstrable experience developing and deploying user and entity behavior analytics platform and programs
Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO ITIL, and ATT&CK
Knowledge of current IT Security trends and best practices in technology, as well as monitoring best practices and tools
Working knowledge with scripting languages such as Perl or Python
Strong understanding of cloud computing and patterns involved in monitoring across cloud, hosted and on-prem architectures.
Strong report writing and communication and ability to effectively communicate across the IT organization
The ability to work well independently or with a team
Capable of meeting deadlines
Any certificates, licenses, etc., required for the position:
CISSP, CISM, CISA or GIAC certifications are a plus
#LI-SB1#LI-HYBRIDPrimary Location: Texas-The Woodlands Texas : Anahuac Arkansas : Alexander Arkansas : Arkadelphia Arkansas : Bald Knob Arkansas : Batesville Arkansas : Beebe Arkansas : Benton Arkansas : Berryville Arkansas : Blytheville Arkansas : Blythville Arkansas : Brinkley Arkansas : Cabot Arkansas : Camden Arkansas : Clarenden Arkansas : Conway Arkansas : Corning Arkansas : Crossett Arkansas : DERMONTT Arkansas : Danville Arkansas : Dardanelle Arkansas : Des Arc Arkansas : Dewitt Arkansas : Dumas Arkansas : Earle Arkansas : El Dorado Arkansas : Elaine Arkansas : England Arkansas : Eudora Arkansas : Flippin Arkansas : Fordyce Arkansas : Forrest City Arkansas : Glenwood Arkansas : Gurdon Arkansas : Hamburg Arkansas : Hardy Arkansas : Harrisburg Arkansas : Harrison Arkansas : Hazen Arkansas : Heber Springs Arkansas : Helena Arkansas : Hot Springs Arkansas : Hotsprings Arkansas : Hoxie Arkansas : Hughes Arkansas : Jacksonville Arkansas : Jones Mill Arkansas : Junction City Arkansas : Lake Village Arkansas : Little Rock Arkansas : Lonoke Arkansas : Magnolia Arkansas : Malvern Arkansas : Mammoth Sprgs Arkansas : Marianna Arkansas : Marion Arkansas : Marked Tree Arkansas : Marshall Arkansas : Maumelle Arkansas : Mcgehee Arkansas : Monette Arkansas : Monticello Arkansas : Morrilton Arkansas : Mountain Home Arkansas : Mountain View Arkansas : Newark Arkansas : Newport Arkansas : No. Little Rock Arkansas : Pine Bluff Arkansas : Pocahontas Arkansas : Rector Arkansas : Redfield Arkansas : Russellville Arkansas : Searcy Arkansas : Sheridan Arkansas : Smackover Arkansas : Stamps Arkansas : Stephens Arkansas : Strong Arkansas : Stuttgart Arkansas : Trumann Arkansas : Warren Arkansas : West Helena Arkansas : Wilson Arkansas : Wynne Arkansas : Yellville Louisiana : Amite Louisiana : Arcadia Louisiana : Bastrop Louisiana : Baton Rouge Louisiana : Belle Chase Louisiana : Bogalusa Louisiana : Buras Louisiana : Chalmette Louisiana : Church Point Louisiana : DESTREHAN Louisiana : Delhi Louisiana : Denham Springs Louisiana : Donaldsonville Louisiana : Dubach Louisiana : Eunice Louisiana : Ferriday Louisiana : Fort Polk Louisiana : Gonzales Louisiana : Grayson Louisiana : Gretna Louisiana : Hammond Louisiana : Haynesville Louisiana : Hodge Louisiana : Homer Louisiana : Houma Louisiana : Jefferson Louisiana : Jena Louisiana : Jennings Louisiana : Joyce Louisiana : Kenner Louisiana : Killona Louisiana : Labadieville Louisiana : Lafayette Louisiana : Lake Charles Louisiana : Lake Providence Louisiana : Lockport Louisiana : Luling Louisiana : Marksville Louisiana : Metairie Louisiana : Monroe Louisiana : Montgomery Louisiana : Montz Louisiana : New Orleans Louisiana : Newellton Louisiana : Oak Grove Louisiana : Port Allen Louisiana : Rayville Louisiana : Reserve Louisiana : Ringgold Louisiana : Saint Rose Louisiana : Scott Louisiana : Sibley Louisiana : Springhill Louisiana : St. Francisville Louisiana : St. Gabriel Louisiana : St. Joseph Louisiana : St. Rose Louisiana : Sterlington Louisiana : Sulphur Louisiana : Tallulah Louisiana : Thibodaux Louisiana : West Monroe Louisiana : Westlake Louisiana : Westwego Louisiana : Winnsboro Louisiana : Zachary Texas : Austin Texas : Beaumont Texas : Burkeville Texas : Calvert Texas : Cleveland Texas : Conroe Texas : Corpus Christi Texas : Corrigan Texas : Crystal Beach Texas : Dayton Texas : Groveton Texas : Houston Texas : Huntsville Texas : Kountze Texas : Madisonville Texas : Marshall Texas : Navasota Texas : New Caney Texas : Orange Texas : Port Arthur Texas : Port Neches Texas : Silsbee Texas : Somerville Texas : Sour Lake Texas : The Woodlands Texas : Trinity Texas : Vidor Texas : Willis Texas : Winnie Texas : Woodlands Texas : WoodvilleJob Function : Information TechnologyFLSA Status : ProfessionalRelocation Option: No Relocation OfferedUnion description/code : NON BARGAINING UNITNumber of Openings : 2Req ID: 114429Travel Percentage :Up to 25%An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please clickhere (https://jobs.entergy.com/content/EEO/?locale=enUS) to view the EEI page, or see statements below.EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click here (humanr@entergy.com?subject=Accessibility) and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.Entergy Pay Transparency Policy Statement: The Entergy System of Companies (the Company) will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company’s legal duty to furnish information. 41 CFR 60-1.35(c). Equal Opportunity (https://www.dol.gov/agencies/ofccp/manual/fccm/2l-equal-opportunity-clauses-and-other-requirements/2l00-equal-opportunity) and Pay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp%20EnglishformattedESQA508c.pdf) .Pay Transparency Notice:Pay Transparency Nondiscrimination Provision (dol.gov) (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp%20EnglishformattedESQA508c.pdf)The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please contact HRCompliance@entergy.com to schedule a time to review the affirmative action plan during regular office hours.WORKING CONDITIONS:As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.Job Segment: Nuclear Engineering, Cyber Security, Cloud, Compliance, Nuclear, Engineering, Security, Technology, Legal, Energy