Location
Houston, TX | United States
Job description
Cybersecurity Engineer Sr
Date: Feb 7, 2024
Location: The Woodlands, Texas, United States
Company: Entergy
Posting End Date: 03/08/2024
Work Place Flexibility: Hybrid
Legal Entity: Entergy Services, LLC
The official title for this role in our system will be 'Info Sec Engineer Sr'
Brief Position Description
The Cybersecurity Engineer is responsible for the administration and execution of the Operational Technology Security Patch Management program. The Cybersecurity Engineer will lead internal and external resources in the timely execution of process controls designed to identify security vulnerabilities. The Cybersecurity Engineer will own the governance and management of the NERC CIP-007 R2 controls and will be responsible for internal and external communications and metrics regarding the program. Although technical aptitude is a requirement for this position, this role prioritizes the ability to organize workstreams and products, collaborate with multiple stakeholders, and drive completion of tasks over deep technical knowledge.
Key responsibilities include:
Oversee the daily operations of the external Security Patch Management team, including:
Security Patch Discovery and Evaluation
Creation of mitigation plans
Patch deployment planning
Lead collaborative meetings with stakeholders and owners to drive timely completion of activities for compliance with the program and regulatory standards
Maintain compliance with the NERC CIP-007 R2 controls
Drive the accuracy of asset inventory within the OT operating environment
Drive efficiencies and accuracy in continual security patch assessments
Drive effective communications with external OT asset owners for security patch remediation strategies
Leverage technology and scripted processes to reduce human interaction in managed processes
Maintain auditable records of work performed
Maintain procedures and work instructions for the Security Patch Management program
Maintain and track performance metrics of external resources assigned to the program
Work with external solution providers to correct any staffing or performance issues
Perform required testing of the NERC CIP-007 R2 controls within the Entergy GRC platform
Represent the Security Patch Management program to leadership and the Corrective Action Program
Act as the NERC CIP-007 R2 subject matter expert for internal and external audit requests and SERC self-report activity
Education needed
Bachelor’s degree in Computer Science, Information Systems, MIS or a related discipline or equivalent work experience.
Experiences needed
6+ years of relevant work experience
Project/Program Management experience is a plus
Minimum knowledge, skills, and abilities required of the position
Understanding of general Information Technology and/or Security concepts
Understanding and experience with Security Patching, Vulnerability Risk Assessments, and Vulnerability Management concepts
Understanding of general IT and OT architectures, systems, and intercommunications concepts
Understanding of Configuration Change Management concepts
Understanding of Operational Technology concepts
Ability to interpret internal or external business issues and recommending best practices
Proficiency with Microsoft Office and SharePoint
Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL is a plus
Experience with the following tools is a plus:
ServiceNow (Change Management, Incident Management, Vulnerability Response)
Tripwire
BigFix
Splunk
Automation Anywhere
Ability to quickly adapt to changing events and priorities
Ability to work independently, with guidance in only the most complex situations
Strong social, verbal, and written communication skills, with demonstrated ability to effectively present analytical data to a variety of technical and non-technical audiences
Comfortable working in high stress and ambiguous environments and developing solutions
Capable of meeting deadlines
Any certificates, licenses, etc., required for the position
SANS GIAC and ISC2 certifications are a plus
#LI-JL1
#LI-HYBRID
Primary Location: Texas - The Woodlands Arkansas : Little Rock || Louisiana : New Orleans || Texas : Houston || Texas : The Woodlands
Job Function : Professional
FLSA Status : Professional
Relocation Option: No Relocation Offered
Union description/code : NON BARGAINING UNIT
Number of Openings : 1
Req ID: 114028
Travel Percentage : Up to 25%
An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please clickhere ( to view the EEO page, or see statements below.
EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click here ([email protected]?subject=Accessibility)and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.
Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Entergy Pay Transparency Policy Statement: The Entergy System of Companies (the Company) will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company’s legal duty to furnish information. 41 CFR 60-1.35(c). Equal Opportunity (and Pay Transparency (.
Pay Transparency Notice:
Pay Transparency Nondiscrimination Provision (dol.gov) (
The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please contact [email protected] to schedule a time to review the affirmative action plan during regular office hours.
WORKING CONDITIONS:
As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Job Segment: Compliance, Cyber Security, Engineer, Computer Science, Developer, Legal, Security, Engineering, Technology
Job tags
Salary