Entergy · 8 hours ago
Info Sec Engineer Sr Lead
Entergy is a leading utility company focused on providing safe and reliable energy solutions. The Senior Information Security Engineer is responsible for enhancing the security engineering function, overseeing security monitoring tools and processes, and responding to cyber security events to protect the company's assets.
Electrical Distribution, Energy, Marketing, Power Grid, Retail Technology, Trading Platform
Responsibilities
Act as Sr Lead Security Engineer and liaison with Cloud Implementation Partners, focusing on assisting Leadership with developing the cloud security implementation strategy, and own/act as SME for cloud security engineering technology(s). Participate in the identification and implementation of detection and response use cases in partnership with the security operations center, utilizing telemetry provided by or stored in one or more of the following sources: SIEM, XDR, Security Validation, External Threat Intelligence, User Behavior Analytics, and any additionally identified sources of security event data
Implement necessary monitoring policies, reference architectures, and procedures in compliance with statutory and regulatory requirements covering internal and external parties, regulated and non-regulated physical, operational, and business systems throughout the enterprise
Assist in satisfying specific requirements to ensure security of the environment in compliance with North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54)
Execute on strategy & technology roadmap for the Security Information Event Management (SIEM) platform
Drive process excellence and maturity to push the envelope on delivering a world-class Cyber Security function to protect Entergy against cyber threats
Support life-cycle management of the SIEM platform, and other interconnected or related monitoring platforms including assistance with coordination and planning of upgrades, new deployments, and maintenance of current operational systems
Execute on world-class cyber defense capability for all information technology and operational technology assets including power generation units, nuclear plants, electric substations, SCADA, distribution automation, advanced metering infrastructure (AMI), email, and networks
Work closely with Consolidated Security Operations Center (CSOC), Threat & Vulnerability Management (TVM), other internal/external teams and management in a 24x7 operational environment
Execute the processes to monitor, analyze, and correlate logs and alerts across multiple platforms to identify advanced threats or incidents affecting the enterprise, and aid in the development of security monitoring use cases. This includes any potential source of security-relevant logs and/or data
Assist in maintaining documentation and evidence to be used for after action reporting and/or legal evidence
Monitor and respond to regulatory developments and industry best practices, with manager direction
Accountable for execution of security engineering support of all device classes (server, desktop, mobile, etc.), hosting models (on-premises, external, cloud) and applications to which security platforms apply
Work closely with all teams in Information Security to implement use cases for monitoring or SOAR
Deliver on KPIs to measure effectiveness of security engineering and report trends
Support security orchestration and automation efforts and help to identify opportunities to improve security response and precision
Collaborate and work across other IT and Information Security areas to design and onboard new systems to follow monitoring standards and best practices
Oversee and review work of junior resources as needed
Qualification
Required
Associate degree in computer science, cyber security or a related discipline or equivalent work experience
At least 6 years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, data analytics, application security, database, risk management, project management, etc.)
Experience developing Security detection and response use cases based around the Mitre ATT&CK Framework
Experience with Security Information Management, configuration, data aggregation, correlation and monitoring tools like a Security Incident and Event Management system, Security Monitoring tools, Endpoint Protection Platform and Extended Detection and Response technologies, Configuration Management tools, etc
Experience working with outsourced teams
Experience with vulnerability assessment, event management, operations, incident management and reporting
Experience in supporting Monitoring Tool solutions
Demonstrated technical engineering and process management skills and the ability to advocate and support positive transformation within the broader information technology organization
Knowledge of cloud monitoring strategies and techniques
Knowledge of Security orchestration, automation, and response
Knowledge of User and Entity Behavior Analytics
Broad knowledge of multiple UNIX OS platforms and Windows-based operating systems
Well-versed in security operations, cyber security monitoring, intrusion detection, and secured networks
Strong report writing and communication and ability to effectively communicate across the IT organization
The ability to work well independently or with a team
Capable of meeting deadlines
Preferred
Bachelor's degree preferred
Strong knowledge of the security ramifications of business regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54))
Demonstrable experience developing and deploying security orchestration, automation, and response
Demonstrable experience developing and deploying user and entity behavior analytics platform and programs
Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO, ITIL, and ATT&CK
Knowledge of current IT Security trends and best practices in technology, as well as monitoring best practices and tools
Working knowledge with scripting languages such as Perl or Python
Strong understanding of cloud computing and patterns involved in monitoring across cloud, hosted and on-prem architectures
CISSP, CISM, CISA or GIAC certifications are a plus
Company
Entergy
At Entergy (NYSE: ETR), we power life.
Funding
Current Stage: Public Company
Total Funding: $1.3B
2025-03-17: Post IPO Equity, $1.3B
1985-05-03: IPO
Company data provided by crunchbase