Entergy
Security Architect Job Details | Entergy
Entergy, New Orleans, Louisiana, United States, 70123
Work Place Flexibility:
Hybrid
Legal Entity:
Entergy Services, LLC
This position may be filled in The Woodlands, TX; New Orleans, LA; Jackson, MS; or Little Rock, AR. Other locations within Entergy's service territory may be considered***
Job Summary
The Security Architect utilizes their knowledge of IT and information security engineering to lead and/or participate in the development of assigned projects or solutions. The Security Architect focuses on implementing security requirements for assigned projects and solutions while maintaining compliance with internal and externals policies and regulations.
The Security Architect works closely with the Enterprise Security Architect to ensure projects and solutions are consistent with Entergy's Information Security strategy and roadmap. The Security Architect provides clear and concise direction to project stakeholders and acts as the "face" of information security for those teams.
Key Responsibilities/DutiesUtilize Information Security reference architectures to develop secure solutions and designs for projectsProvide input to policies, procedures, standards, processes, and templates that are consistent with the Information Security strategy and roadmapParticipate in security and non-security projects to ensure that security requirements are defined and implementedPerform assessments and threat modeling of existing and emerging technologies to ensure they meet Entergy security and compliance requirementsEvangelize and advocate for information security with stakeholdersMonitor emerging trends in Information Security and technology and make or suggest changes to Entergy's security posture as necessaryExperience needed
3+ years of architecture or engineering experience in information security or IT/OT disciplines (detection and response, network security, application security, endpoint security, Identity and Access Management, vulnerability management, system administration, networking, application development, risk management, etc.)
One or more years in a complex and highly-regulated industry (e.g., utilities, financial services, healthcare, etc.)Experience working with outsourced teamsExperience in working in partnership with colleagues throughout the enterpriseMinimum Knowledge, Skills, and Abilities needed
Familiarity with technologies commonly utilized within an enterprise IT and OT environmentStrong knowledge of multiple information security domains with an emphasis in Cloud services (AWS, Azure, etc.)
Operating systems (*nix, Windows, IOS, etc.)Networking and network securityAPIsSecure coding/application securityVulnerability ManagementSIEMIdentity and Access ManagementPenetration testingScripting (Python, PowerShell, Perl, etc.)Security process and control developmentEndpoint protection technologyOT systems and protocolsSmart Grid technology
Some knowledge of IT Security regulations and guidance such as NIST, FISMA & ISO27001Familiarity with The Open Group Architecture Framework (TOGAF), Open Web Application Security Project (OWASP), Open Security Architecture, National Institute of Standards and Technology (NIST) Cloud Computing Reference Architecture, or other architecture frameworksAble to be hands-on with technical engineering and process management skills and the ability to advocate positive transformation within the broader information technology organizationAble to design & develop reference architecturesAble to design and develop an API based services layer for consistent integration with the security systemsKnowledge of security ramifications of energy related regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54)Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITILStrong writing and analytic abilityStrong ability to concisely and effectively communicate across the enterpriseOrganizational and time management skillsAvailable to travel as neededSelf-motivated, with the ability to manage and follow up on multiple tasks simultaneouslyCapable of meeting deadlinesEducation needed
Bachelor's degree in computer science, cyber security, information systems, engineering or a related discipline or equivalent work experience. Master's degree is a plus.
Certifications needed
ISACA or ISC2 certification, such as CISSP, CISM, CISA are a plusOSCP is a plusRelevant vendor credentials offered by companies such as Symantec, Checkpoint, Cisco, Microsoft, etc. are a plus
#LI-SB1
#LI-HYBRID
Primary Location:
Louisiana-New OrleansLouisiana : New Orleans || Arkansas : Little Rock || Mississippi : Jackson || Texas : The Woodlands || Texas : WoodlandsJob Function : ProfessionalFLSA Status : ProfessionalRelocation Option:Union description/code : NON BARGAINING UNITNumber of Openings : 1Req ID:
116030Travel Percentage :Up to 25%
An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please click here to view the EEI page, or see statements below.
EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf.If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click
here
and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.
Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Entergy Pay Transparency Policy Statement: The Entergy System of Companies (the Company) will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information. 41 CFR 60-1.35(c).
Equal Opportunity
and
Pay Transparency
.
Pay Transparency Notice:
Pay Transparency Nondiscrimination Provision (dol.gov)
The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please contactHRCompliance@entergy.com to schedule a time to review the affirmative action plan during regular office hours.
WORKING CONDITIONS:As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Please note:
Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.
Hybrid
Legal Entity:
Entergy Services, LLC
This position may be filled in The Woodlands, TX; New Orleans, LA; Jackson, MS; or Little Rock, AR. Other locations within Entergy's service territory may be considered***
Job Summary
The Security Architect utilizes their knowledge of IT and information security engineering to lead and/or participate in the development of assigned projects or solutions. The Security Architect focuses on implementing security requirements for assigned projects and solutions while maintaining compliance with internal and externals policies and regulations.
The Security Architect works closely with the Enterprise Security Architect to ensure projects and solutions are consistent with Entergy's Information Security strategy and roadmap. The Security Architect provides clear and concise direction to project stakeholders and acts as the "face" of information security for those teams.
Key Responsibilities/DutiesUtilize Information Security reference architectures to develop secure solutions and designs for projectsProvide input to policies, procedures, standards, processes, and templates that are consistent with the Information Security strategy and roadmapParticipate in security and non-security projects to ensure that security requirements are defined and implementedPerform assessments and threat modeling of existing and emerging technologies to ensure they meet Entergy security and compliance requirementsEvangelize and advocate for information security with stakeholdersMonitor emerging trends in Information Security and technology and make or suggest changes to Entergy's security posture as necessaryExperience needed
3+ years of architecture or engineering experience in information security or IT/OT disciplines (detection and response, network security, application security, endpoint security, Identity and Access Management, vulnerability management, system administration, networking, application development, risk management, etc.)
One or more years in a complex and highly-regulated industry (e.g., utilities, financial services, healthcare, etc.)Experience working with outsourced teamsExperience in working in partnership with colleagues throughout the enterpriseMinimum Knowledge, Skills, and Abilities needed
Familiarity with technologies commonly utilized within an enterprise IT and OT environmentStrong knowledge of multiple information security domains with an emphasis in Cloud services (AWS, Azure, etc.)
Operating systems (*nix, Windows, IOS, etc.)Networking and network securityAPIsSecure coding/application securityVulnerability ManagementSIEMIdentity and Access ManagementPenetration testingScripting (Python, PowerShell, Perl, etc.)Security process and control developmentEndpoint protection technologyOT systems and protocolsSmart Grid technology
Some knowledge of IT Security regulations and guidance such as NIST, FISMA & ISO27001Familiarity with The Open Group Architecture Framework (TOGAF), Open Web Application Security Project (OWASP), Open Security Architecture, National Institute of Standards and Technology (NIST) Cloud Computing Reference Architecture, or other architecture frameworksAble to be hands-on with technical engineering and process management skills and the ability to advocate positive transformation within the broader information technology organizationAble to design & develop reference architecturesAble to design and develop an API based services layer for consistent integration with the security systemsKnowledge of security ramifications of energy related regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54)Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITILStrong writing and analytic abilityStrong ability to concisely and effectively communicate across the enterpriseOrganizational and time management skillsAvailable to travel as neededSelf-motivated, with the ability to manage and follow up on multiple tasks simultaneouslyCapable of meeting deadlinesEducation needed
Bachelor's degree in computer science, cyber security, information systems, engineering or a related discipline or equivalent work experience. Master's degree is a plus.
Certifications needed
ISACA or ISC2 certification, such as CISSP, CISM, CISA are a plusOSCP is a plusRelevant vendor credentials offered by companies such as Symantec, Checkpoint, Cisco, Microsoft, etc. are a plus
#LI-SB1
#LI-HYBRID
Primary Location:
Louisiana-New OrleansLouisiana : New Orleans || Arkansas : Little Rock || Mississippi : Jackson || Texas : The Woodlands || Texas : WoodlandsJob Function : ProfessionalFLSA Status : ProfessionalRelocation Option:Union description/code : NON BARGAINING UNITNumber of Openings : 1Req ID:
116030Travel Percentage :Up to 25%
An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please click here to view the EEI page, or see statements below.
EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf.If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click
here
and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.
Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Entergy Pay Transparency Policy Statement: The Entergy System of Companies (the Company) will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information. 41 CFR 60-1.35(c).
Equal Opportunity
and
Pay Transparency
.
Pay Transparency Notice:
Pay Transparency Nondiscrimination Provision (dol.gov)
The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please contactHRCompliance@entergy.com to schedule a time to review the affirmative action plan during regular office hours.
WORKING CONDITIONS:As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Please note:
Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.