Title:  Security Regulations Analyst

Date:  Apr 1, 2021
Legal Entity:  Entergy Services, LLC
Description: 

***This position can be located in New Orleans, LA, The Woodlands, TX, Little Rock, AR or Jackson, MS – Other locations within Entergy’s service territory may be considered***

 

***This position will be filled as an Analyst III, Sr, or Sr Lead depending on the qualifications and experience of the candidate***

 

Entergy Corporation is an integrated energy company engaged primarily in electric power production and retail distribution operations.  Entergy owns and operates power plants with approximately 30,000 megawatts of electric generating capacity, including 8,000 megawatts of nuclear power.  Entergy delivers electricity to 2.9 million utility customers in Arkansas, Louisiana, Mississippi, and Texas.  Tracing its history to 1913 and headquartered in New Orleans, Louisiana, Entergy has annual revenues of $11 billion and more than 13,000 employees.

 

The company’s utility business provides electric retail and wholesale power to customers in four states through five utility operating companies:  Entergy Arkansas, LLC; Entergy Louisiana, LLC; Entergy Mississippi, LLC; Entergy New Orleans, LLC; and Entergy Texas, Inc.  Entergy also delivers natural gas services to 200,000 customers in New Orleans and parts of Baton Rouge, Louisiana.  Entergy is winding down its wholesale generation business, which provides power to wholesale customers primarily from our two remaining nuclear facilities located in the northern United States.

 

The electric utility industry is rapidly changing, and Entergy is entering an exciting period of growth as we prepare for the future.  We are building the premier utility, a utility that delivers sustainable value to all its stakeholders – our customers, employees, communities, and owners – as measured by strong net promoter scores, high levels of service, superior and affordable products and services, highly skilled and engaged employees, and industry-leading financial performance.  We are focusing our sights on three key priorities – customer centricity, continuous improvement, and creating a culture of belonging for our employees.  Join us as we take the next step on our journey to building the premier utility.

 

JOB SUMMARY/PURPOSE:

Design, implement, monitor, and support business unit level processes and projects to ensure Entergy’s compliance with security regulations and programs. Including but not limited to North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP), Advanced Metering Infrastructure (AMI) security best practices, Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standards (PCIDSS), Transportation Security Administration (TSA) Pipeline Security Guidelines, and Health Insurance Portability and Accountability Act (HIPAA). Such projects and assignments will involve working with peers within the Distribution, Transmission, Power Generation, Information Technology, Nuclear, System Planning & Operations, Human Resources, Finance Operations, Internal Audit, and Information Security organizations to perform governance, oversight, and implementation of processes, policies, procedures, controls, and metrics that ensure compliance.

 

Initial prioritization will be NERC CIP Reliability Standards across Entergy including supporting all aspects of the NERC Standards Life Cycle, Interpretation, Policy, Procedures, Corrective Action Program, and developing/maintaining program metrics, key risk indicators, and reporting trends. This position will also provide subject matter support for Entergy operational technology (OT) environments within the Chief Security Office Department.  

 

JOB DUTIES/RESPONSIBILITIES:

  • Support effective regulatory compliance to NERC Critical Infrastructure Protection (CIP) Standards,  AMI security best practices, Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standards  (PCIDSS), NIST Cybersecurity Framework, Transportation Security Administration (TSA) Pipeline  Security Guidelines, and Health Insurance Portability and Accountability Act (HIPAA) by providing  governance, oversight, and guidance to support and enhance operational business unit’s risk management, Cyber, Information,  Physical,  and Personnel Security programs. 
  • Monitor & ensure implementation of new and revised security related regulatory standards including supporting specific Business Unit (BU) Governance Risk and Compliance (GRC) execution and control mapping 
  • Conduct compliance analysis (reportability reviews) and assist BUs with applicable enforcement process (self-report, mitigation plans, and closeouts) 
  • Perform routine self-assessments, spot-checks, and continuous audit preparations.  Support compliance audits conducted by other internal resources, consultants, or regulatory organizations. 
  • Keep responsible stakeholders informed regarding regulatory standards development activities associated with NERC CIP or other security related standards. Solicit input from appropriate subject matter experts and effectively communicate Entergy’s position on proposed regulatory standards. 
  • Ensure timely adherence from responsible stakeholders to all new/revised regulatory obligations associated with security related regulatory standards impacting Entergy. 
  • Develop, implement, and maintain security regulatory compliance program dashboards, metrics and key performance indicators (KPI) 
  • Provide general BU support (Cross-Function BU procedure reviews, Regulatory standard guidance, training, new build and acquisition integration)   
  • Participate in stakeholder engagement activities and industry events.
  • Other NERC Compliance Program support may include; NERC Reliability Standard policy and procedure administration; Regional Entity portal administration; NERC Office of Records support; Root Cause Analysis, Regulatory Audit support; Regulatory Enforcement Activities; Corrective Action Program support; Self-Assessments and Self-Certifications of NERC compliance; and Event Reporting and Event Analysis using engineering and technical background

 

MINIMUM REQUIREMENTS:

Minimum education required of the position:

  • Bachelor’s Degree in a technical or business-related field or equivalent work experience

 

Minimum experience required of the position:

  • Analyst III: 4+ years of professional experience in a related discipline 
  • Analyst Sr: 6+ years of professional experience in a related discipline
  • Analyst Sr. Lead: 8+ years of professional experience in a related discipline
  • Preferred: Experience working in physical and/or cyber security related systems and processes, or experience working in transmission operations, engineering or planning

 

Minimum knowledge, skills, and abilities required of the position:

  • Strong knowledge of energy related security regulations
  • Strong organizational skills with ability to manage multiple assignments/projects simultaneously
  • Excellent writing and analytical skills and the ability to communicate information in both formal and informal settings required
  • Highly collaborative, able to work cross-functionally; possessing the ability to forge relationships and partner effectively
  • Self-starter, independent worker, self-motivator
  • Preferred:
    • Knowledge of electrical power delivery systems with particular emphasis on plant electrical power distribution systems
    • Power plant or transmission operations knowledge 

 

Any certificates, licenses, etc., required for the position:

  • Preferred: Professional certification such as certified internal auditor (CIA), certification in risk management assurance (CRMA), certified information systems auditor (CISA), or Certified information systems security professional (CISSP)

Primary Location: Texas-The Woodlands
Job Function: Professional
FLSA Status: Professional
Relocation Option: No Relocation Offered
Union description/code: NON BARGAINING UNIT-NBU
Number of Openings: 2
Req ID: 102062
Travel Percentage:Up to 25%

 

An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please click here to view the full statement.

 

WORKING CONDITIONS: 

As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.


Job Segment: Law, Electrical, Engineer, Information Systems, Security, Legal, Engineering, Technology