CSOC Analyst I 118844

Job Location

The Woodlands, TX - USA

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

Work Place Flexibility: Hybrid

Legal Entity: Entergy Services LLC

This is a hybrid position that can be filled in The Woodlands, TX; Little Rock, AR; or New Orleans, LA. The ideal candidate is detail oriented, a problem solver with critical thinking skills, and focused on process. The official job title for this position will be Info Sec Analyst I.

Job Summary/Purpose:

The Consolidated Security Operations Center Analyst I will report to the Supervisor of CSOC and will manage day-to-day tasks as noted below, with involvement in some projects as they arise. The Analyst to join our dynamic team with the Cybersecurity Organization at Entergy will have curiosity, critical thinking, analysis background, and security background. This position will play a critical role in safeguarding our infrastructure and ensuring the integrity of our operations. The analyst is responsible for effective 24/7 monitoring operations and incident management, supporting analysis and investigations. They will also be able to learn, train, and assist in maturing the security program.

Job Duties/Responsibilities:

  • Monitor alerts and events from the various CSOC tools while triaging and escalating as needed.
  • Assist in improving the existing daily operational and incident response procedures and processes.
  • Understand automation opportunities to improve capabilities.
  • Conduct investigations and understand security events and incidents, including but not limited to physical security, malware infections, phishing attempts, and unauthorized access attempts.
  • Understand various attack vectors used by threat actors to compromise systems and data.
  • Able to participate on an on-call rotation.
  • Knowledge using SIEM, EDR, and IDS/IPS tools, with possible areas of development and upkeep.
  • Maintain understanding of the various threats and risks related to utility workforce, energy providers, and/or NERC/CIP.
  • Participate in training and exercises to ensure CSOC team proficiency.
  • Participate in post-incident reviews to identify lessons learned and best practices.
  • Have some understanding in Industrial Control Systems (ICS) and Operational Technology (OT) to protect critical infrastructure and operational assets.
  • Collaborate with cross-functional teams to understand security controls and measures to enhance our overall security posture.
  • Have some knowledge of cloud security monitoring and support improvements for maturity posture.
  • Understand incident response process, procedures, and playbooks to ensure effective and efficient response to security incidents.
  • Understand MITRE Framework, identify TTPs, and identify patterns and threat actors focused on the industry.
  • Ability to analyze, discern, and explain data with some visuals.
  • Ability to bring ideas for automation improvement.
  • Provide timely and accurate reports on security incidents, trends, and metrics to stakeholders and management.
  • Available to travel up to 20%

MINIMUM REQUIREMENTS

Minimum education required of the position.

Typically requires post-secondary education in a related field (i.e. Cybersecurity, Information security, criminal justice, computer science, etc.).

Minimum experience required of the position

  • 0 to 2 years of security experience across multiple disciplines (incident response, threat hunting, monitoring, crisis management, log gathering, event correlation, configuration, behavior analytics, network engineering, data analytics, application security, database security, risk management, project management, physical security, etc.). Experience can be substituted with education as follows:
  • Understanding of event and incident investigations and incident response in a 24/7 SOC environment
  • Ability to work effectively with team members and with customers
  • Knowledge of various attack vectors, threat intelligence sources, and the cybersecurity threat landscape.
  • Understanding of cloud environment for security principles and best practices
  • Provide guidance and mentorship to others in cyber threat analysis and operations.
  • Proactively identify possible threats, security gaps, and vulnerabilities

Preferred experience of the position

  • Experience to include some of the following: access control, CCTV, network investigations, intrusion detection systems (IDS), and/or security information and event management (SIEM) tools.
  • Understanding of Industrial Control Systems (ICS) and Operational Technology (OT) security principles and best practices.

Minimum knowledge, skills, and abilities required of the position

  • Good planning, organizational, and time management skills; detail- and process-oriented; able to juggle multiple priorities.
  • Understanding of MITRE ATT&CK Framework
  • Good problem-solving/decision-making ability
  • Good written and verbal communication skills.
  • Good interpersonal skills, including teamwork.
  • Highly collaborative, able to work cross-functionally; possessing the ability to forge relationships and partner effectively
  • Resourceful and self-motivated; self-starter
  • Able to work independently when required
  • Good analytical, critical thinking, and decision-making skills
  • Cloud understanding of secure monitoring and incident response
  • Understanding of systems (including industrial control systems)
  • Good report writing and communication and ability to effectively communicate across the organization
  • Demonstrated commitment to customer service with excellent oral and written communication skills
  • Self-motivated with ability to work independently and in a team setting while following up on multiple tasks

Any certificates, licenses, etc. required for the position

One or more technical or InfoSec certifications are a plus, i.e. CompTIA, ISACA, EC-Council, or ISC2.

Technical Competencies

  • Technical knowledge and process management skills
  • Commitment to customer service with good oral and written communication skills
  • Understanding of multiple UNIX OS platforms and Windows-based operating systems
  • Some knowledge about security operations, cyber security monitoring, intrusion detection, and secured networks
  • Some knowledge of security risk and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO, and ITIL
  • Awareness of current IT Security trends and best practices in technology
  • Ability to identify areas of improvement and recommend solutions

Primary Location: Texas-The Woodlands
Texas : The Woodlands
Arkansas : Little Rock
Louisiana : New Orleans

Job Function: Professional
FLSA Status: Professional

Relocation Option: No Relocation Offered
Union description/code: NON BARGAINING UNIT

Number of Openings: 1
Req ID: 118844
Travel Percentage: Up to 25%

An Equal Opportunity Employer Minority/Female/Disability/Vets. Please click here to view the EEI page or see statements below.

EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state, and local laws. The Entergy System of Companies complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including but not limited to recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.

Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process, please click here and provide your name, contact number, the accommodation requested, and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.

Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.

Equal Opportunity

The nonconfidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please to schedule a time to review the affirmative action plan during regular office hours.

WORKING CONDITIONS:
As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.

Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.


Required Experience:

IC

Employment Type

Full-Time
