Information Security Engineer III or Sr. jobs in United States
cer-icon
Apply on Employer Site
company-logo

Entergy · 18 hours ago

Information Security Engineer III or Sr.

positionThe Woodlands, TX
timeFull-time
remoteHybrid
senioritySenior Level
date6+ years exp

Entergy is a provider of essential services, and they are seeking an Information Security Engineer III or Sr. to ensure compliance with regulatory requirements and enhance the security organization's posture. The role involves implementing frameworks, conducting compliance assessments, and communicating with various stakeholders to maintain adherence to security policies and regulations.

Electrical DistributionEnergyMarketingPower GridRetail TechnologyTrading Platform
badNo H1Bnote

Responsibilities

Responsible for coordinating the regulatory program within IS to ensure strict adherence with the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54) and Sarbanes Oxley (SOX) requirements
Document CS processes and procedures into process flows and apply a risk-based approach to determine areas of weakness utilizing frameworks such as COBIT and NIST
Responsible as the tertiary contact within the CS organization for communicating with executives, external regulators, and Entergy oversight entities on all aspects of compliance initiatives and status
Responsible for effectively conducting compliance assessments to ensure adherence to Entergy policies and regulatory requirements across the various CS groups and Business Units
Effectively communicate results to the Manager, Director, and senior leadership
Track the status of compliance programs and initiatives across the CS organization and assist with coordination of compliance activities with internal and external audit entities
Participate in the execution of OT Cyber Security Programs, including but not limited to:
Asset Inventory Management
Configuration Management
Change Management
Recovery Plans
Security Monitoring
Vulnerability Management
Transient Cyber Asset Management
Ideate and implement improvement opportunities for existing processes, toolsets, documentation, etc
Track Key Performance Indicators (KPI) to measure the IS organization's effectiveness in meeting its business performance expectations and adhering to applicable compliance requirements; communicate findings to the Director and senior leadership
Assist with establishing policies and procedures for conducting periodic compliance assessments, aggregating results and communicating with various levels of management
Identify gaps between Entergy’s policies and procedures and current industry standards and report to Director on results
Participate in the Corrective Action Program (CAP) process for evaluating the conditions adverse to quality, safety, security and compliance; set priorities in correcting problems and tracking them until they have been corrected
Deliver on continuous improvement of IS compliance with regulatory and company standards
Maintain awareness of changing regulatory requirements, review Entergy policies, and recommend revisions to remain compliant to changing regulations
Coordinate with other departments when drafting and revising new polices to obtain the appropriate approvals
Maintain/execute the IS Performance Management processes; collect/analyze/deliver performance metrics and associated commentary to IS groups, functional organizations, and business units
Provide Daily/Weekly/Monthly Change Management reporting and Key Performance Indicators (KPI) Metrics information
Deliver on process excellence and maturity to push the envelope on maintaining a strong culture of regulatory compliance at Entergy
Motivate staff to excel and continuously improve in keeping the enterprise compliant with regulatory requirements and Entergy policies
Maintain insights regarding emerging regulations relevant to Entergy’s business
Dissect operational, performance, and compliance data to find trends, corrective actions, input into the roadmaps
Integrate and analyze data from multiple sources and draw meaningful conclusions to articulate and strengthen Entergy’s regulatory compliance
Identify leading indicators of compliance irregularities and assist in shaping strategy and roadmaps
Identify and explain unusual fluctuations and trends in data set and develop proactive corrective actions to mitigate issues
Analyze and research well-defined inquiries (non-interpretative issues) on assigned data sets and conduct data analysis and visualization, as needed

Qualification

NERC CIP complianceNRC Nuclear Cyber complianceCybersecurity certificationData analysisRegulatory compliance experienceRisk management frameworksTeam motivationCommunication skillsDetail-orientedAdaptability

Required

Minimum six (for Engineer III) to nine (for Engineer Sr.) years of regulatory compliance and auditing experience related to cybersecurity
4+ years of work experience managing a regulatory compliance function within a utility or related industry
Strong communication skills with internal stakeholders and regulatory agencies
Experience with cybersecurity operations
Demonstrated experience with data analysis, data integration and data validation activities with large, regulated utilities or related industry
Experience managing indirect and outsourced resources
Experience managing operations playbooks, run books, and performance measures
Experience with regulatory relations and/or regulatory reporting
Performance maintaining and optimizing operations leveraging industry best practices
Strong knowledge of security ramifications of energy related regulations (NERC CIP, NRC Nuclear Cyber (10 CFR 73.54)
Knowledge of security, risk, and control frameworks and standards such as ISO 27001, NIST, FISMA & COBIT
Knowledge of current regulations as it pertains to Entergy's business
Detailed oriented with the ability to utilize sound business judgment to interpret regulatory requests and corresponding data
Ability to quickly adapt to changing events and priorities
Ability to translate complex technical information into terms and products useful to management
Strong social, verbal, and written communication skills, with demonstrated ability to effectively present analytical data to a variety of technical and non-technical audiences
Available to travel
Comfortable working in high stress and ambiguous environments
Capable of meeting deadlines and budgets
Bachelor's degree in computer science, cyber security or a related discipline or equivalent work experience
Cybersecurity certification, such as CISSP, CISM, CISA, GCIP, etc. required

Preferred

OT cybersecurity experience is a plus
NERC CIP experience is a plus
OT cybersecurity operational experience is a plus
Advanced degree preferred

Company

Entergy

twittertwittertwitter
Glassdoor3.7
company-logo
At Entergy (NYSE: ETR), we power life.
dateFounded in 1913
location
New Orleans, Louisiana, USA
people-size10001+ employees
web-link
https://www.entergy.com

Funding

Current Stage
Public Company
Total Funding
$1.3B
2025-03-17Post Ipo Equity· $1.3B
1985-05-03IPO

Leadership Team

leader-logo
Drew Marsh
Chair and Chief Executive Officer
linkedin
leader-logo
John O. Hudson III
SVP, federal policy, regulatory and government affairs

Recent News

SiliconANGLE
Meta announces plans to spend $600B in the US over three years
2025-11-08
PR Newswire
Entergy Executive Vice President and General Counsel Marcus Brown announces plans to retire in 2026
2025-11-07
PR Newswire
Entergy to participate in EEI Financial Conference
2025-11-06
Company data provided by crunchbase