Salary Not Disclosed
1 Vacancy
Job Title: Security Engineer
Work Place Flexibility: Hybrid
Legal Entity: Entergy Services LLC
***This position will be filled as an Information Security Engineer III or Sr depending on the candidate's experience and qualifications***
***This position may be filled in Jackson MS; Little Rock AR; The Woodlands TX; or New Orleans LA***
Brief Position Description:
The Senior Information Security Engineer is responsible for proactively improving and evolving a successful security engineering function within Information Security Engineering team owns the deployment and operation of security monitoring tools and processes designed for real-time analysis, triage, and response to events and alerts generated across the enterprise to protect the company's assets, solutions, and services by reducing time to respond to and, if necessary, remediate security incidents and risks. This role is focused on interpreting cyber security event data, security validation tests, user behavior analytics, third-party threat intel, and XDR data to develop security detection and response use cases, as well as tune the systems that support the development of alert response and forensic data creation.
Key responsibilities include:
Act as primary detection engineer. Lead identification and implementation of detection and response use cases in partnership with the security operations center, utilizing telemetry provided by or stored in one or more of the following sources: SIEM, XDR, Security Validation, External Threat Intelligence, User Behavior Analytics, and any additionally identified sources of security event data.
Implement necessary monitoring policies, reference architectures, and procedures in compliance with statutory and regulatory requirements covering internal and external parties, regulated and nonregulated, physical, operational, and business systems throughout the enterprise
Assist in satisfying specific requirements to ensure security of the environment in compliance with North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber 10 CFR 73.54
Execute on strategy & technology roadmap for the Security Information Event Management (SIEM) platform
Drive process excellence and maturity to push the envelope on delivering a world-class Cyber Security function to protect Entergy against cyber threats
Support lifecycle management of the SIEM platform and other interconnected or related monitoring platforms, including assistance with coordination and planning of upgrades, new deployments, and maintenance of current operational systems
Execute on world-class cyber defense capability for all information technology and operational technology assets, including power generation units, nuclear plants, electric substations, SCADA, distribution automation, advanced metering infrastructure (AMI), email, and networks.
Work closely with Consolidated Security Operations Center (CSOC), Threat & Vulnerability Management (TVM), other internal/external teams, and management in a 24x7 operational environment
Execute the processes to monitor, analyze, and correlate logs and alerts across multiple platforms to identify advanced threats or incidents affecting the enterprise and aiding in the development of security monitoring use cases. This includes any potential source of security-relevant logs and/or data.
Assist in maintaining documentation and evidence to be used for after action reporting and/or legal evidence
Monitor and respond to regulatory developments and industry best practices with manager direction
Accountable for security engineering support of all device classes (server, desktop, mobile, etc.), hosting models (on-premises, external cloud), and applications to which security platforms apply
Work closely with all teams in Information Security to implement use cases for monitoring or SOAR
Deliver on KPIs to measure effectiveness of security engineering and report trends
Support security orchestration and automation efforts and help to identify opportunities to improve security response and precision.
Collaborate and work across other IT and Information Security areas to design and onboard new systems to follow monitoring standards and best practices
Oversee and review work of junior resources as needed
Minimum Requirements:
Minimum Education required:
Associate degree in computer science, cyber security, or a related discipline, or equivalent work experience.
Bachelor's degree preferred.
Minimum Experience required:
Information Security Engineer III:
4 plus years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, application security, database, risk management, project management, etc.)
1 years of experience working with Security Information Event Management platforms is a plus
Experience working with outsourced teams is a plus
Experience with vulnerability management, event management, security operations, incident management, and security reporting is a plus
Experience in designing, building, implementing, and supporting security monitoring solutions is a plus
Senior Security Engineer:
At least 6 years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, data analytics, application security, database, risk management, project management, etc.)
Experience developing Security detection and response use cases based around the MITRE ATT&CK Framework
Experience with Security Information Management configuration, data aggregation, correlation, and monitoring tools like a Security Incident and Event Management system, Security Monitoring tools, Endpoint Protection Platform and Extended Detection and Response technologies, Configuration Management tools, etc.
Experience working with outsourced teams
Experience with vulnerability assessment, event management, operations, incident management, and reporting
Experience in supporting Monitoring Tool solutions
Minimum knowledge, skills, and abilities required of the position (combination of the following):
Demonstrated technical engineering and process management skills and the ability to advocate and support positive transformation within the broader information technology organization
Knowledge of cloud monitoring strategies and techniques
Knowledge of Security orchestration, automation, and response
Knowledge of User and Entity Behavior Analytics
Broad knowledge of multiple UNIX OS platforms and Windows-based operating systems
Well-versed in security operations, cyber security monitoring, intrusion detection, and secured networks
Highly qualified candidates will be able to demonstrate knowledge of multiple of the following:
Strong knowledge of security ramifications of business regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber 10 CFR 73.54)
Demonstrable experience developing and deploying security orchestration, automation, and response
Demonstrable experience developing and deploying user and entity behavior analytics platform and programs
Knowledge of security risk and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO, ITIL, and ATT&CK
Knowledge of current IT Security trends and best practices in technology as well as monitoring best practices and tools
Working knowledge with scripting languages such as Perl or Python
Strong understanding of cloud computing and patterns involved in monitoring across cloud-hosted and on-prem architectures.
Strong report writing and communication and ability to effectively communicate across the IT organization
The ability to work well independently or with a team
Capable of meeting deadlines
Any certificates, licenses, etc. required for the position:
CISSP, CISM, CISA, or GIAC certifications are a plus
Primary Location: Texas : The Woodlands; Mississippi : Jackson; Arkansas : Little Rock; Louisiana : New Orleans; Texas : The Woodlands; Texas : Woodlands
Job Function: Information Technology
FLSA Status: Professional
Relocation Option: No Relocation Offered
Union description/code: NON BARGAINING UNIT
Number of Openings: 1
Req ID: 116326
Travel Percentage: Up to 25
An Equal Opportunity Employer Minority/Female/Disability/Vets. Please click here to view the EEI page or see statements below.
EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state, and local laws. The Entergy System of Companies complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including but not limited to recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her you are an individual with a disability and you are in need of an accommodation for the recruiting process please click here and provide your name, contact number, the accommodation requested, and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.
Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Entergy Pay Transparency Policy Statement: The Entergy System of Companies (the Company) will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information. 41 CFR 60-1.35(c). Equal Opportunity and Pay Transparency.
Pay Transparency Notice:
Pay Transparency Nondiscrimination Provision (dol)
The nonconfidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please to schedule a time to review the affirmative action plan during regular office hours.
WORKING CONDITIONS:
As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.
Full Time