Information Security Engineer (End Point Security)

Date: Aug 20, 2019

Location: The Woodlands, TX, US

Company: Entergy

*This position can be filled as a senior or senior lead.*


Brief Position Description

The Information Security Engineer Endpoint Security is responsible for ensuring the information and operational security of all endpoints connected to Entergy’s environment, including workstations, laptops, mobile devices, servers, and endpoints owned by authorized users (BYOD).  The engineer will lead deployment of new and innovative technological solutions to protect our assets, data and people.  Advise a highly-skilled team focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen Entergy’s operations.


Key responsibilities include:  

  • Support the global endpoint security management plan and execution of policies that will be used across ALL endpoints in the enterprise, including
    • Endpoint baseline configurations
    • Vulnerability management
    • Antivirus protection
    • Data loss prevention
    • Endpoint Detection and Response (EDR)
    • Endpoint Protection Platform (EPP)
    • Policy compliance (e.g. encrypted storage, activity timeout)
  • Implement strategy & technology roadmap for endpoint security
  • Support the implementation, administration, and operation of multiple endpoint security technologies such as FireEye, Symantec, McAfee and BigFix
  • Assist Manager in driving process excellence and maturity to push the envelope on delivering world-class endpoint security for all corporate and operational technology needs, including power generation units, nuclear plants, electric substations, SCADA, distribution automation, and advanced metering infrastructure (AMI)
  • Ensure endpoint security capability complies with specific requirements of North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54)
  • Review policy exceptions as required, e.g. operational environment requires that a non-standard endpoint be connected to the network
  • Work with other information security, information technology, risk & compliance personnel to ensure the integrity of all network connected endpoints
  • Work with Advanced Monitoring to create and maintain endpoint behavior profiles used to detect anomalous behavior, including expected installed software and active processes and services
  • Monitor endpoint security trends and emerging security threats and suggest changes to policy, procedures, and tools
  • Identify security vendor software and integration strategies
  • Track metrics for the effectiveness and maturity of endpoint security technologies and processes
  • Support digitization efforts to automate routine playbooks and identify opportunities for automation
  • Support program planning, engineering work breakdown structure, task estimation, scheduling, change management and quality control of endpoint team’s deliverables


Experiences needed

  • Five to seven years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, application security, database, risk management, project management, endpoint protection, etc.)
  • Minimum of 1 year of hands-on experience managing an endpoint security function
  • Experience designing, developing, testing and implementing Endpoint Security solutions such as Symantec, RSA (EMC), FireEye, etc.
  • Knowledge in network concepts - firewalls, load-balancers, and network design
  • Experience working with outsourced teams
  • Strong organizational and time management skills
  • Expertise in working in partnership with colleagues throughout the enterprise, and participating in collaborative teams to achieve common goals


Minimum knowledge, skills, and abilities required of the position

  • Knowledge of Endpoint security architecture, best practices, Endpoint Protection Platform (EPP) and Endpoint Detection & Response (EDR)
  • Able to support technical engineering and process management and advocate and influence positive transformation within the broader information technology organization
  • Strong knowledge of multiple UNIX OS platforms and Windows-based operating systems
  • Well-versed in security operations, cyber security monitoring, intrusion detection, and secured networks
  • Skilled in security ramifications of energy related regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54))
  • Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL
  • Knowledge of current IT Security trends and evolutions in endpoint security
  • Working knowledge of scripting languages such as Perl or Python
  • Strong report writing and ability to effectively communicate across the IT organization
  • Available to travel
  • Self-motivated, with the ability to follow up on multiple tasks simultaneously
  • Capable of meeting deadlines and budgets



Associate’s degree in computer science, cyber security or a related discipline or equivalent work experience.  Bachelor’s degree preferred.


Any certificates, licenses, etc., required for the position

ISACA certification, such as CISSP, CISM, CISA

Relevant vendor credentials offered by companies such as Symantec, FireEye, etc.



Primary Location: Texas-The Woodlands
Job Function: Information Technology
FLSA Status: Professional
Relocation Option: No Relocation Offered
Union description/code: NON BARGAINING UNIT-NBU
Number of Openings: 1
Req ID: 87227
Travel Percentage: Up to 25%


An Equal Opportunity Employer, Minority/Female/Disability/Vets.



As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.

Nearest Major Market: Houston

Job Segment: Information Security, Corporate Security, Engineer, Risk Management, Security, Technology, Engineering, Finance