Work Place Flexibility: Hybrid
Legal Entity: Entergy Services, LLC
***This is a hybrid position that can be filled in The Woodlands, TX, Little Rock, AR. Relocation assistance and sponsorship is not provided. The official title for this position will be Info Sec Analyst Sr or Sr Lead depending on the experience and qualifications of the selected candidate***
Job Summary/Purpose:
The Consolidated Security Operations Center (CSOC) Senior Analyst will report to the Supervisor of CSOC responsible for providing advanced security analysis, incident response, and process improvement capabilities. This role will serve as a subject matter expert, guiding and mentoring junior analysts, and driving the continuous improvement of the CSOC's processes and tools.
The ideal candidate for this position is a seasoned cybersecurity professional with a strong technical background, exceptional analytical skills, and a proven track record of identifying and mitigating complex security threats. The CSOC Senior Analyst will work closely with the CSOC team and collaborate cross-functionally to enhance the organization's overall security posture.
The ideal candidate is detail oriented, a self-started, a problem solver with critical thinking skills, with high accountability attentive on timelines, and focused process improvement.
Job Duties/Responsibilities:
- Perform in-depth analysis of security incidents, leveraging threat intelligence, forensics, and advanced investigative techniques
- Lead complex incident response efforts, including containment, eradication, and recovery activities
- Develop and maintain incident response playbooks, procedures, and automation to ensure efficient and effective security operations
- Provide technical guidance and mentorship to junior CSOC analysts, sharing knowledge and best practices
- Collaborate with cross-functional teams (e.g., IT, OT, Cloud, Risk) to implement security controls and measures
- Stay abreast of the evolving threat landscape and emerging security trends, and recommend strategies to address new threats
- Identify and implement process improvements, automation, and tool enhancements to enhance the CSOC's capabilities
- Participate in the development and execution of the CSOC's strategic initiatives and roadmap
- Represent the CSOC in security-related projects, initiatives, and decision-making processes in collaboration with the CSOC’s leadership
- Provide timely and accurate reporting on security incidents, trends, and metrics to management
- Maintain a high level of technical proficiency through ongoing training and professional development
- Proficiency in SIEM tools with development and upkeep of detections
- Maintain understanding of the various threats and risks related to utility workforce, energy providers and/or NERC/CIP.
- Identify and implement automation with SOAR, SIEM, or similar tools to improve capabilities.
- Utilize your knowledge in Industrial Control Systems (ICS) and Operational Technology (OT) to protect critical infrastructure and operational assets.
- Understand MITRE Framework, identify TTPs and identify patterns and threat actors focused to the industry.
- Provide timely and accurate reports on security incidents, trends, and metrics to stakeholders and management.
- Available to travel up to 20%
MINIMUM REQUIREMENTS
Minimum education required of the position.
Typically requires a college or university degree in related field or the equivalent work experience. Master’s degree desired.
Minimum experience required of the position
- Information Security Analyst Sr: 6+ years of experience in cybersecurity, across multiple disciplines (incident response, threat hunting, monitoring, event correlation, behavior analytics, network engineering, data analytics, application security, database security, risk management, physical security, etc.) experience can be substituted with education as follows:
-
- Bachelors degree in cybersecurity and 4+ years of experience
- Masters degree in a computer science or related field and 2+ years of experience
-
- Information Security Analyst, Sr Lead: 8+ years of experience in cybersecurity, across multiple disciplines (incident response, threat hunting, monitoring, event correlation, behavior analytics, network engineering, data analytics, application security, database security, risk management, physical security, etc.) experience can be substituted with education as follows:
-
- Bachelors degree in cybersecurity and 6+ years of experience
- Masters degree in a computer science or related field and 4+ years of experience
-
- Demonstrated expertise in security monitoring, analysis, and incident response, with a deep understanding of attack vectors and threat intelligence
- Extensive knowledge of security tools, technologies, and best practices, including SIEM, SOAR, IDS/IPS, TIP and network security
- Proven ability to lead complex security investigations and effectively communicate findings to technical and non-technical stakeholders
- Excellent problem-solving, critical thinking, and decision-making skills
- Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams
- Experience in mentoring and developing junior security analysts
- Certifications such as CISSP, GIAC, or SANS are highly desirable
- Strong understanding of Industrial Control Systems (ICS) and Operational Technology (OT) security principles and best practices.
- Strong understanding of cloud environment for security principles and best practices
- Ability to perform computer network attack analysis and collaborate with counterintelligence and law enforcement investigations.
- Proactively identify possible threats, security gaps and vulnerabilities
Minimum knowledge, skills and abilities required of the position
- Excellent planning, organizational and project management skills; detail and process-oriented; able to handle multiple priorities in a fast-paced environment
- Understanding of MITRE ATT&CK Framework
- Advanced understanding of network security concepts and devices
- Excellent in managing time, priorities and training
- Outstanding problem-solving/decision making ability
- Excellent written and verbal communication skills, able to explain complex issues in clear and concise terms with constant collaboration with CSOC leadership
- Exceptional interpersonal skills, including teamwork, facilitation, and training
- Highly collaborative, able to work cross-functionally; possessing the ability to forge relationships and partner effectively
- Strong understanding and application of security incident response processes
- Strong analytical, critical thinking and decision-making skills
- Cloud understanding of secure monitoring and incident response
- Understanding of systems (including industrial control systems)
- Strong report writing and communication
- Demonstrated commitment to customer service with excellent oral and written communication skills
- Resourceful and self-motivated, with ability to work independently and in a team setting while following up on multiple tasks
Any certificates, licenses, etc. required for the position
One or more technical or InfoSec certifications are a plus, i.e., CompTIA, ISACA, EC-Council, or ISC2.
Technical Competencies
- Advanced technical and process management skills and the ability to advocate and influence positive transformation within the broader information technology organization
- Advanced knowledge of cyber security incident response processes and investigation requirements
- Proficient knowledge of multiple UNIX OS platforms and Windows-based operating systems
- Advanced knowledge about security operations, cyber security monitoring, intrusion detection, and secured networks
- Advanced knowledge of current IT Security trends and best practices in technology, as well as monitoring best practices and tools
#LI-TR1
#LI-HYBRID
Primary Location: Texas-The Woodlands Texas : The Woodlands || Arkansas : Little Rock || Louisiana : New Orleans
Job Function: Professional
FLSA Status: Professional
Relocation Option: No Relocation Offered
Union description/code: NON BARGAINING UNIT
Number of Openings: 1
Req ID: 120458
Travel Percentage:Up to 25%
An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please click here to view the EEO page, or see statements below.
EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click here and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.
Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Know Your Rights: Workplace Discrimination is Illegal
The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please contact HRCompliance@entergy.com to schedule a time to review the affirmative action plan during regular office hours.
WORKING CONDITIONS:
As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.
Job Segment:
Cyber Security, Operations Manager, Network Security, Network Engineer, Computer Science, Security, Operations, Engineering, Technology