Information Security Analyst Senior Lead - Threat Hunter jobs in United States

Entergy · 2 hours ago

Information Security Analyst Senior Lead - Threat Hunter

Entergy is a provider of essential services, and they are seeking a Cyber Threat Hunter to proactively detect and respond to advanced threats. This role will involve leveraging threat intelligence and advanced detection tools to ensure the security of systems and data, while coordinating with the Consolidated Security Operations Center.

Electrical Distribution, Energy, Marketing, Power Grid, Retail Technology, Trading Platform
Note: No H1B

Responsibilities

Create threat models to better understand the Entergy IT enterprise, identify gaps to improve defensive controls, expand offensive security capabilities and prioritize mitigations
Utilize threat models along with threat intelligence to create threat hypotheses
Plan and scope threat hunt missions to verify threat hypotheses
Develop and maintain work instructions, SOPs, playbooks
Assist in expanding and maintaining the Forensics program
Proactively and iteratively search through systems and networks to detect advanced threats
Analyze network, host, and application logs
Analyze malware and code
Have an understanding and knowledge of deception capabilities against advanced threats
Experience implementing, deploying and/or operating deception technologies and tactics
Prepare and report risk analysis and threat findings to appropriate stakeholders
Able to lead hunt missions with minimal to no supervision or guidance
Recommend courses of action, best practices and mitigating actions to improve security practices
Experience briefing senior level leaders and executives as well as the ability to translate technical topics into non-technical terms for decision making
Develop queries for the CSOC to create new detections for new attacks
Stay up to date on the cyber threat landscape, threat actors and activity to enhance Entergy's cybersecurity posture
Identify, track and investigate high priority threat campaigns, malicious actors of interest, capabilities and TTPs
Create workflows and automation within the security tools
Collaborate and coordinate with business units to improve threat detection, response and improve the overall security posture
Participate in post-incident reviews to identify lessons learned and best practices
Reviewing current and emerging cyber threat intelligence to maintain situational awareness and initiate hunts
Maintaining threat hunts along with providing support to the CSOC as needed during advanced incident escalations
Creating and providing weekly briefings of reports
Collecting, aggregating and reporting on metrics from threat hunts and security cases
Conducting in-depth technical analysis on host-based, network-based, cloud-focused, and mobile systems to identify advanced threats that evade traditional detection systems and signatures

Qualification

Threat Intelligence, Threat Hunting, Incident Response, Cybersecurity Monitoring, Digital Forensics, Deception Technologies, EDR, SIEM Tools, Scripting Languages, MITRE ATT&CK Framework, Cloud Security, Analytical Skills, Communication Skills, Teamwork, Problem Solving, Time Management

Required

Bachelor's degree (i.e. Cybersecurity, Information security, IT, computer science, etc.) or 5-10 years of prior relevant experience
5+ years recent experience in a technical role in the areas of Security Operations, incident response, detection engineering, offensive security/red team, or cyber threat intelligence
Experience performing threat hunting in an active corporate environment
Experience with host-based and network-based security monitoring using cybersecurity capabilities
Experience with offensive security strategies and assessment methodology
Ability to see the larger picture when dealing with competing requirements and needs
Ability to navigate and work effectively across a complex organization
Experience with one or more enterprise EDR and SIEM tools
Experience with digital forensics or incident response on major security incidents
Ability to apply Cyber Threat Intelligence through enrichment, correlation and attribution
Experience consuming and analyzing Cyber Threat Intelligence for actionable takeaways
Experience working with log analysis tools
Experience developing scripts to support cyber threat detection
Ability to work independently with minimal direction; self-starter / self-motivated
Good planning, organizational and time management skills; detail and process-oriented; able to juggle multiple priorities
Understanding of MITRE ATT&CK Framework
Good problem-solving/decision making ability
Good written and verbal communication skills
Good interpersonal skills, including teamwork
Highly collaborative, able to work cross-functionally; possessing the ability to forge relationships and partner effectively
Resourceful and self-motivated, able to work independently when required
Good analytical, critical thinking and decision-making skills
Understanding of secure monitoring and incident response across cloud, IT and OT environments
Understanding of systems (including industrial control systems)
Good report writing and communication and ability to effectively communicate across the organization
Demonstrated commitment to customer service with excellent oral and written communication skills
Self-motivated, with ability to work independently and in a team setting while following up on multiple tasks
One or more technical or InfoSec certifications are a plus, i.e., CompTIA, ISACA, EC-Council, or ISC2
GIAC Certified Incident Handler
GIAC Certified Forensic Analyst
CISSP
SANS GCIA – Intrusion Analyst
SANS GMON – Continuous Monitoring Certification
CCSP – Certified Cloud Security Professional
GIAC Penetration Tester
Kali Linux Offensive Security Certified Professional (OSCP)
Hands-on technical engineering and process management skills and the ability to advocate positive transformation
Knowledgeable about security operations, cyber security monitoring, intrusion detection, and secured networks
In-depth knowledge of common networking protocols
Understanding of complex Enterprise networks to include routing, switching, firewalls, proxies, load balancers
Expertise in network and host-based analysis and investigation
Proficient with scripting languages such as PowerShell or Python
Master knowledge of multiple UNIX OS platforms and Windows-based operating systems
Master knowledge of current IT Security trends and best practices in technology, as well as monitoring best practices and tools
Master knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL

Company

At Entergy (NYSE: ETR), we power life.

Funding

Current Stage
Public Company
Total Funding
$1.3B
2025-03-17 Post IPO Equity · $1.3B
1985-05-03 IPO

Leadership Team

Drew Marsh
Chair and Chief Executive Officer
John O. Hudson III
SVP, federal policy, regulatory and government affairs
Company data provided by crunchbase