Entergy
Job Title:
Cybersecurity Analyst I-II
Work Place Flexibility:
Hybrid
Legal Entity:
Entergy Services, LLC
***This is a hybrid position located in The Woodlands, TX or New Orleans, LA. Relocation assistance and sponsorship is not provided. The official job title for this position will be Cybersecurity Analyst I or Cybersecurity Analyst II depending on the selected candidate’s qualifications and experience.***
Brief Position Description The Security and Regulatory Compliance group applies frameworks to ensure that the security organization’s practices remain observant to all compliance directives required by NERC Critical Infrastructure Protection (CIP) and Sarbanes-Oxley (SOX). The Analyst will support the tracking and trending of compliance effectiveness and propose program adjustments to address issues. This position in the Security and Regulatory Compliance group will provide support to ensure Entergy adapts to emerging regulations and works to continually improve the security organization’s regulatory compliance posture. The role is critical to ensuring Cybersecurity complies with all applicable federal, state, and local regulatory requirements.
Key Responsibilities
Participate in risk assessments to identify risks and opportunities designed to improve business processes and information systems across the company.
Maintain customer relationships with members of Entergy’s management team to identify sources of risk or areas for improvement.
Support audit and risk assessment activities through data analytics and query development.
Discuss audit findings with operating personnel to verify facts and obtain background information not available in the documentation examined, and present value‑added suggestions for resolution of audit findings.
Prepare formal written reports, expressing opinions on the adequacy and effectiveness of the system and the efficiency with which activities are carried out, including findings and recommendations of corrective actions for deficiencies.
Coordinate the regulatory program within Cybersecurity to ensure strict adherence with NERC CIP and SOX requirements.
Assist with the documentation of Cybersecurity processes and procedures into process flows.
Apply a risk‑based approach to determine areas of weakness using frameworks such as COBIT and NIST.
Assist with compliance assessments of Entergy policies and regulatory requirements across the various CS groups.
Coordinate and communicate with technical resources, control owners, and internal and external auditors.
Contribute to gap analysis and application of control standards to IT General Controls (ITGCs).
Track Key Performance Indicators (KPI) to measure the Cybersecurity organization’s effectiveness and communicate findings.
Deliver continuous improvement of Cybersecurity’s compliance with regulatory and company standards.
Maintain awareness of changing regulatory requirements.
Integrate data from multiple sources to draw conclusions regarding Entergy’s regulatory compliance.
Deliver process excellence by maintaining a strong culture of regulatory compliance at Entergy.
Experience Needed
Cybersecurity Analyst I: 0–2+ years of cybersecurity operations and/or compliance experience
Cybersecurity Analyst II: 2–4 years of cybersecurity operations and/or compliance experience
Good communication skills
Exposure to cloud security, network security, and/or vulnerability management is a plus
Some experience maintaining operations leveraging industry best practices
Experience with data analysis, data integration, and data validation activities
Minimum Knowledge, Skills, and Abilities
General knowledge of Information Technology regulations such as SOX and NERC CIP Compliance
Provided support for Information Technology during audits/assessments
Understanding of multiple cybersecurity domains, such as:
Asset, Change, and Configuration Management
Threat and Vulnerability Management
Risk Management
Identity and Access Management
Situational Awareness
Incident Response and Continuity of Operations
Third‑Party Risk Management
Cybersecurity Architecture
Cybersecurity Program Management
Understanding of SIEM, configuration and monitoring, and malicious software prevention technologies such as Splunk, Tripwire, Symantec, BeyondTrust, Dragos, etc.
Knowledge of multiple OS and platforms (e.g. Windows, Linux, UNIX, Cisco iOS, Checkpoint GAIA, etc.)
Understanding of current cyber security trends and best practices in technology, as well as monitoring best practices and tools
Ability to quickly adapt to changing events and priorities
Social, verbal, and written communication skills, with ability to effectively present analytical data
Detail oriented with the ability to interpret regulatory requests and corresponding data
Comfortable working in high stress and ambiguous environments
Capable of meeting deadlines
Learning mindset
Available to travel
Education Bachelor’s degree strongly preferred in computer science, cybersecurity, internal audit, or a related discipline or equivalent work experience. Master’s degree is a plus.
Certificates, Licenses, etc. Required ISACA certification, such as CISSP, CISM, CISA preferred.
Travel Up to 25% travel.
EEO Statement The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non‑discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
Accessibility Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click
here
and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.
Additional Responsibilities As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Please Note Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.
#J-18808-Ljbffr
Cybersecurity Analyst I-II
Work Place Flexibility:
Hybrid
Legal Entity:
Entergy Services, LLC
***This is a hybrid position located in The Woodlands, TX or New Orleans, LA. Relocation assistance and sponsorship is not provided. The official job title for this position will be Cybersecurity Analyst I or Cybersecurity Analyst II depending on the selected candidate’s qualifications and experience.***
Brief Position Description The Security and Regulatory Compliance group applies frameworks to ensure that the security organization’s practices remain observant to all compliance directives required by NERC Critical Infrastructure Protection (CIP) and Sarbanes-Oxley (SOX). The Analyst will support the tracking and trending of compliance effectiveness and propose program adjustments to address issues. This position in the Security and Regulatory Compliance group will provide support to ensure Entergy adapts to emerging regulations and works to continually improve the security organization’s regulatory compliance posture. The role is critical to ensuring Cybersecurity complies with all applicable federal, state, and local regulatory requirements.
Key Responsibilities
Participate in risk assessments to identify risks and opportunities designed to improve business processes and information systems across the company.
Maintain customer relationships with members of Entergy’s management team to identify sources of risk or areas for improvement.
Support audit and risk assessment activities through data analytics and query development.
Discuss audit findings with operating personnel to verify facts and obtain background information not available in the documentation examined, and present value‑added suggestions for resolution of audit findings.
Prepare formal written reports, expressing opinions on the adequacy and effectiveness of the system and the efficiency with which activities are carried out, including findings and recommendations of corrective actions for deficiencies.
Coordinate the regulatory program within Cybersecurity to ensure strict adherence with NERC CIP and SOX requirements.
Assist with the documentation of Cybersecurity processes and procedures into process flows.
Apply a risk‑based approach to determine areas of weakness using frameworks such as COBIT and NIST.
Assist with compliance assessments of Entergy policies and regulatory requirements across the various CS groups.
Coordinate and communicate with technical resources, control owners, and internal and external auditors.
Contribute to gap analysis and application of control standards to IT General Controls (ITGCs).
Track Key Performance Indicators (KPI) to measure the Cybersecurity organization’s effectiveness and communicate findings.
Deliver continuous improvement of Cybersecurity’s compliance with regulatory and company standards.
Maintain awareness of changing regulatory requirements.
Integrate data from multiple sources to draw conclusions regarding Entergy’s regulatory compliance.
Deliver process excellence by maintaining a strong culture of regulatory compliance at Entergy.
Experience Needed
Cybersecurity Analyst I: 0–2+ years of cybersecurity operations and/or compliance experience
Cybersecurity Analyst II: 2–4 years of cybersecurity operations and/or compliance experience
Good communication skills
Exposure to cloud security, network security, and/or vulnerability management is a plus
Some experience maintaining operations leveraging industry best practices
Experience with data analysis, data integration, and data validation activities
Minimum Knowledge, Skills, and Abilities
General knowledge of Information Technology regulations such as SOX and NERC CIP Compliance
Provided support for Information Technology during audits/assessments
Understanding of multiple cybersecurity domains, such as:
Asset, Change, and Configuration Management
Threat and Vulnerability Management
Risk Management
Identity and Access Management
Situational Awareness
Incident Response and Continuity of Operations
Third‑Party Risk Management
Cybersecurity Architecture
Cybersecurity Program Management
Understanding of SIEM, configuration and monitoring, and malicious software prevention technologies such as Splunk, Tripwire, Symantec, BeyondTrust, Dragos, etc.
Knowledge of multiple OS and platforms (e.g. Windows, Linux, UNIX, Cisco iOS, Checkpoint GAIA, etc.)
Understanding of current cyber security trends and best practices in technology, as well as monitoring best practices and tools
Ability to quickly adapt to changing events and priorities
Social, verbal, and written communication skills, with ability to effectively present analytical data
Detail oriented with the ability to interpret regulatory requests and corresponding data
Comfortable working in high stress and ambiguous environments
Capable of meeting deadlines
Learning mindset
Available to travel
Education Bachelor’s degree strongly preferred in computer science, cybersecurity, internal audit, or a related discipline or equivalent work experience. Master’s degree is a plus.
Certificates, Licenses, etc. Required ISACA certification, such as CISSP, CISM, CISA preferred.
Travel Up to 25% travel.
EEO Statement The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non‑discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
Accessibility Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click
here
and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.
Additional Responsibilities As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Please Note Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.
#J-18808-Ljbffr