Work Place Flexibility: Hybrid
Legal Entity: Entergy Services, LLC
This is hybrid position located in The Woodlands, TX or New Orleans, LA. Relocation assistance and sponsorship is not provided. The official job title for this position will be Info Sec Analyst I or Info Sec Analyst II depending on the selected candidate’s qualifications and experience.
Brief Position Description
The Security and Regulatory Compliance group applies frameworks to ensure that the security organization's practices remain observant to all compliance directives required by NERC Critical Infrastructure Protection (CIP) and Sarbanes-Oxley (SOX)). The Analyst will support the tracking and trending of compliance effectiveness and propose program adjustments to address issues. This position in the Security and Regulatory Compliance group will provide support to ensure Entergy adapts to emerging regulations and work to continually improve the security organization’s regulatory compliance posture. The role is critical to ensure Cybersecurity complies with all applicable federal, state, and local regulatory requirements.
Key Responsibilities Include
- Participate in risk assessments to identify risks and opportunities designed to improve business processes and information systems across the company.
- Maintain customer relationships with members of Entergy’s management team to identify sources of risk or areas for improvement.
- Support Audit and risk assessment activities through data analytics and query development.
- Discuss audit findings with operating personnel to verify facts and obtain background information not available in the documentation examined. Present value-added suggestions for resolution of audit findings.
- Prepare formal written reports, expressing opinions on the adequacy and effectiveness of the system and the efficiency with which activities are carried out, including findings and recommendations of corrective actions for deficiencies.
- Coordinate the regulatory program within Cybersecurity to ensure strict adherence with NERC CIP and SOX requirements.
- Assist with the documentation of Cybersecurity processes and procedures into process flows.
- Apply a risk-based approach to determine areas of weakness using frameworks such as COBIT and NIST.
- Assist with compliance assessments of Entergy policies and regulatory requirements across the various CS groups.
- Coordinate and communicate with technical resources, control owners, and internal and external auditors.
- Contribute to gap analysis and application of control standards to IT General Controls (ITGCs).
- Track Key Performance Indicators (KPI) to measure the Cybersecurity organization's effectiveness and communicate findings.
- Deliver continuous improvement of Cybersecurity’s compliance with regulatory and company standards.
- Maintain awareness of changing regulatory requirements.
- Integrate data from multiple sources to draw conclusions regarding Entergy’s regulatory compliance.
- Deliver process excellence by maintaining a strong culture of regulatory compliance at Entergy.
Experience needed
- Info Sec Analyst I: 0-2+ years of cybersecurity operations and/or compliance experience
- Info Sec Analyst II: 2-4 years of cybersecurity operations and/or compliance experience
- Good communication skills
- Exposure to cloud security, network security, and/or vulnerability management is a plus
- Some experience maintaining operations leveraging industry best practices
- Experience with data analysis, data integration, and data validation activities
Minimum Knowledge, Skills, And Abilities Required Of The Position
- General knowledge of Information Technology regulations such as SOX and NERC CIP Compliance
- Provided support for Information Technology during audits/assessments
- Understanding of multiple cyber security domains, such as:
- Asset, Change, and Configuration Management
- Threat and Vulnerability Management
- Risk Management
- Identity and Access Management
- Situational Awareness
- Incident Response and Continuity of Operations
- Third-Party Risk Management
- Cybersecurity Architecture
- Cybersecurity Program Management
- Understanding of SIEM, configuration and monitoring, and malicious software prevention technologies such as Splunk, Tripwire, Symantec, BeyondTrust, Dragos, etc.
- Knowledge of multiple OS and platforms (e.g. Windows, Linux, UNIX, Cisco iOS, Checkpoint GAIA, etc.)
- Understanding of current cyber security trends and best practices in technology, as well as monitoring best practices and tools
- Ability to quickly adapt to changing events and priorities
- Social, verbal, and written communication skills, with ability to effectively present analytical data
- Detail oriented with the ability to interpret regulatory requests and corresponding data
- Comfortable working in high stress and ambiguous environments
- Capable of meeting deadlines
- Learning mindset
- Available to travel
Education
Bachelor’s degree strongly preferred in computer science, cybersecurity, internal audit or a related discipline or equivalent work experience. Master’s degree a plus.
Any certificates, licenses, etc., required for the position
ISACA certification, such as CISSP, CISM, CISA preferred
Primary Location: Texas-The Woodlands Texas : The Woodlands || Louisiana : New Orleans
Job Function: Professional
FLSA Status: Professional
Relocation Option: No Relocation Offered
Union description/code: NON BARGAINING UNIT
Number of Openings: 1
Req ID: 120421
Travel Percentage:Up to 25%
An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please click here to view the EEO page, or see statements below.
EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click
here and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.
Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Know Your Rights: Workplace Discrimination is Illegal
The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please contact HRCompliance@entergy.com to schedule a time to review the affirmative action plan during regular office hours.
Working Conditions
As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.