Solution Architect, Sr (Security Architecture)

Date: Jun 20, 2019

Location: The Woodlands, TX, US

Company: Entergy

**This position can be filled in New Orleans, LA, Jackson, MS, Little Rock, AR, or The Woodlands, TX.**

 

Brief Position Description

The Solution Architect Sr is responsible for design & implementation of a robust information security architecture to ensure security of all Corporate IT, Operational Technology (OT), and Internet of Things (IoT) enabled systems at Entergy.  The Solution Architect Sr will collaborate with others to realize the architecture strategy by implementing security solutions to protect the enterprise and maintain compliance with all regulatory requirements. Deliver continuous improvement of Entergy’s security posture to ensure the security of data and critical systems and will provide Subject Matter Expertise (SME) over security architecture, and policies and procedures as it pertains to security across multiple platforms & technologies.

 

Key responsibilities include:  

  • Support design & implementation of an overall information security architecture strategy that supports the organization's objectives
  • Design and deliver process excellence and maturity to push the envelope on delivering world-class IT security architecture for all corporate and operational technology needs, including power generation units, nuclear plants, electric substations, SCADA, distribution automation, and advanced metering infrastructure (AMI)
  • Ensure implementation complies with specific requirements of North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54)
  • Execute on design and implementation of information security architecture strategy and technology roadmap to ensure the best balance of security, efficiency, effectiveness, and scalability while protecting against internal/external threats across all platforms
  • Work closely with other team members, engineering teams, and project managers in order to establish current and future state IT and OT security architectures across multiple technologies and ensure that the solutions are engineered in accordance with these architectures
  • Support business case development for investment in advancing security capabilities (DLP, IPS, SIEM, etc.) to improve Energy’s security posture
  • Participate in efforts that tailor the company's security architecture and standards for use in cloud-based environments
  • Design and implement security controls for Advanced Metering Infrastructure (AMI) and (Bulk Electric System) BES communications networks
  • Maintain secure configuration and coding guidelines across all systems and environments
  • Influence continuous ‘shifting left’ to incorporate security requirements and testing in the delivery lifecycle
  • Act as a technical resource for the enterprise, ensuring security design for systems align with business needs, architecture and technical standards 
  • Participate in technical engagements with audit, regulators, clients, and third parties, when required 

 

Experience needed

  • Three to five years of cyber security and architecture experience across multiple disciplines (monitoring, network engineering, mobile devices, various endpoint architectures, application security, physical environments, etc.)
  • Practical technical experience within a Cyber Security role and at least 1 year of utility related or direct electric utility industry experience required
  • Experience in building cyber resilient architecture, recommendation and implementation of best practices to secure network and application infrastructure, protect information against unauthorized data access and loss, risk reduction and vulnerability mitigation
  • Some experience with Cyber security programs, specifically Enterprise Security Architecture to include reference security architecture creation, security program assessment, security operations, incident response, forensic analysis, threat intelligence, identity and access management, data protection, penetration testing, Web application security testing, vulnerability and risk management
  • Knowledge of security products in on-prem, cloud and SaaS models, SIEMs, firewalls, security applications, vulnerability detection, network devices, and endpoint protection
  • Some experience with electric utility customer service, distribution grid technologies and SCADA operations, e.g., Smart Grid, AMI, SCADA, meter data management systems (MDMS), etc.
  • Experience with relevant technologies like Splunk, Avigilon, PSIM, Nessus, Tripwire or SolarWinds
  • Experience working with outsourced teams
  • Organizational and time management skills
  • Experience in working in partnership with colleagues throughout the enterprise

 

Minimum knowledge, skills, and abilities required of the position

  • Some knowledge of IT Security regulations and guidance such as NIST, FISMA & ISO27001
  • Familiarity with The Open Group Architecture Framework (TOGAF), Open Web Application Security Project (OWASP), Open Security Architecture, National Institute of Standards and Technology (NIST) Cloud Computing Reference Architecture, or other architecture frameworks
  • Able to be hands-on with technical engineering and process management skills and the ability to advocate positive transformation within the broader information technology organization
  • Able to design & develop reference architectures and proof of concept implementations of cloud security environments
  • Able to develop and support security controls for AMI & BES communications network
  • Able to design and develop an API based services layer for consistent integration with the security systems
  • Strong knowledge of multiple UNIX OS platforms and Windows-based operating systems
  • Strong knowledge in network concepts - firewalls, load-balancers, and network design
  • Knowledgeable in security technologies & implementation
  • Strong knowledge of security ramifications of energy related regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54)
  • Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL
  • Strong knowledge of security technologies including Firewall, IDS/IPS/HIDS, anti-virus, SIEM, Vulnerability Scanning, Threat Intelligence sources and services
  • Some knowledge of current IT Security trends
  • Knowledge with scripting languages such as Perl or Python
  • Solid report writing and ability to effectively communicate across the IT organization
  • Available to travel
  • Self-motivated, with the ability to manage and follow up on multiple tasks simultaneously
  • Capable of meeting deadlines

 

Education

Associate’s degree in computer science, cyber security or a related discipline or equivalent work experience.  Bachelor’s degree preferred.

 

Any certificates, licenses, etc., required for the position

ISACA certification, such as CISSP, CISM, CISA or willingness and/or ability to obtain in the future required

Relevant vendor credentials offered by companies such as Symantec or willingness and/or ability to obtain in the future required

#LI-MM1

Primary Location: Texas-The Woodlands
Job Function: Information Technology
FLSA Status: Professional
Relocation Option: Level II
Union description/code: NON BARGAINING UNIT-NBU
Number of Openings: 1
Req ID: 84586
Travel Percentage:Up to 25%

 

An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please click here to view the full statement.

 

WORKING CONDITIONS: 

As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.


Nearest Major Market: Houston

Job Segment: Solution Architect, Architecture, Corporate Security, Engineer, Technology, Engineering, Security