Security Risk Analyst 117184
Security Risk Analyst 117184
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Work Place Flexibility: Hybrid
Legal Entity:Entergy Services LLC
The preferred location is The Woodlands TX but Jackson MS New Orleans LA and Little Rock. AR may be considered. Relocation assitance and sponsorship is not provided.
JOB SUMMARY/PURPOSE
- The Security Risk Analyst is responsible for assisting with the implementation and monitoring of Entergys vendor security risk management processes within the Chief Security Office (CSO).
- The Security Risk Analyst will conduct thorough risk assessments of vendors and thirdparty service providers to evaluate their security controls data protection measures and overall risk posture.
- In this role you will develop and implement vendor risk management frameworks policies and procedures to enhance the effectiveness of our vendor risk program.
- The Security Risk Analyst will collaborate with various internal stakeholders including procurement legal and IT teams to ensure vendor contracts and agreements align with our security standards and requirements.
- You will monitor and track vendor compliance with security policies standards and contractual obligations.
- Provide regular reports and updates to senior management on the status of vendor risk assessments identified issues and remediation efforts.
- You will create and maintain relevant metrics for the program using PowerBI.
- Stay current with industry trends best practices and regulatory requirements related to vendor risk management.
- They will also assist the CSO department to raise employee awareness of security risks and methods to protect company critical infrastructure data and assets. This role drives security control objectives to mitigate the risk from existing and evolving vulnerabilities and threats for onsite offshore and cloud solutions.
JOB DUTIES/RESPONSIBILITIES
- Tracks Vendor Assessment Review Requests and communicates status to requestors.
- Reviews assessment reports against asset control objectives to determine effectiveness.
- Assists with vendor risk assessments (vendor assessments supply chain assessments etc. as necessary.
- Reports out on control testing through Controls Dashboard
- Administers vendor risk request tracking process.
- Prepares summary and detailed reports on vendor risk across the enterprise.
- Conducts control testing and assessment.
MINIMUM REQUIREMENTS
Minimum education required of the position
- Bachelors degree in Business Computer Science or related field or equivalent work experience
Minimum experience required of the position
- 2 years of experience in internal or external auditing security testing or risk management and analysis
- 1 years of IT security or IT risk management experience
- Desired Vendor Management experience PowerBI experience
Minimum knowledge skills and abilities required of the position
- Excellent problemsolving and decision making ability
- Excellent written and verbal communication skills
- Professional demeanor exceptional interpersonal skills including teamwork facilitation and negotiation
- Team player highly collaborative able to work crossfunctionally
- Resourceful and selfmotivated able to work independently when required
- Excellent planning organizational and project management skills; detail and processoriented; able to multitask a number of different projects
- Knowledge of generally applicable and accepted audit and risk frameworks (e.g. COBIT CAG 20 Critical Security Controls NIST UCF) and government guidelines and laws (e.g. Sarbanes Oxley Act NERC/CIP HIPAA FCC)
- Understanding of regulatory requirements impacting the utility industry (SOX HIPAA NERC CIP Smart Meter/Smart Grid etc. with subject matter expert knowledge in one or more areas
- Advanced computer skills including Microsoft Office suite and other business related software systems
The following would be a Plus
- Knowledge of Vendor Security Risk Management tools (Venminder BitSight Security Scorecard)
- Advanced knowledge of Micrsoft PowerBI
- Knowledge of Cloud Security
#LITR1
#LIHYBRID
Primary Location: TexasThe WoodlandsTexas : The Woodlands
Arkansas : Little Rock
Louisiana : New Orleans
Mississippi : Jackson
Job Function: Professional
FLSA Status: Professional
Relocation Option: No Relocation Offered
Union description/code: NON BARGAINING UNIT
Number of Openings: 1
Req ID: 117184
Travel Percentage:Up to 25
An Equal Opportunity Employer Minority/Female/Disability/Vets. Please click here to view the EEI page or see statements below.
EEO Statement:The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race color religion sex gender sexual orientation gender identity or expression national origin age disability genetic information marital status amnesty or status as a protected veteran in accordance with applicable federal state and local laws. The Entergy System of Companies complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including but not limited to recruiting hiring placement promotion termination layoff recall transfer leaves of absence compensation and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race color religion sex gender sexual orientation gender identity or expression national origin age genetic information disability or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
Accessibility:Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant employee or third party on his or her behalf.If you are an individual with a disability and you are in need of an accommodation for the recruiting process please clickhereand provide your name contact number the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.
Additional Responsibilities:As a provider of essential services Entergy expects its employees to be available to work additional hours to work in alternate locations and/or to perform additional duties in connection with storms outages emergencies or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Entergy Pay Transparency Policy Statement:The Entergy System of Companies (the Company) will not discharge or in any other manner discriminate against employees or applicants because they have inquired about discussed or disclosed their own pay or the pay of another employee or applicant. However employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information unless the disclosure is (a) in response to a formal complaint or charge (b) in furtherance of an investigation proceeding hearing or action including an investigation conducted by the employer or (c) consistent with the Companys legal duty to furnish information. 41 CFR 601.35(c).Equal OpportunityandPay Transparency.
Pay Transparency Notice:
Pay Transparency Nondiscrimination Provision (dol)
The nonconfidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please to schedule a time to review the affirmative action plan during regular office hours.
WORKING CONDITIONS:
As a provider of essential services Entergy expects its employees to be available to work additional hours to work in alternate locations and/or to perform additional duties in connection with storms outages emergencies or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.
Required Experience:
IC
Employment Type
Full-Time
