Job added in hotlist
Applied job
Contract job
90-day-old-job
part-time-job
Recruiter job
Employer job
Expanded search
Apply online not available
View more jobs in Spring, TX
View more jobs in Texas

Job Details

Mgr IT - Info Security amp Advanced Monitoring

Company name
Entergy Corporation

Location
Spring, TX, United States

Employment Type
Full-Time

Industry
Manager, It

Posted on
Feb 07,2019

Valid Through
May 23,2019

Apply for this job






Profile

Brief Position Description

The Advanced Monitoring (AM) Manager is responsible for establishing, maintaining and evolving a successful advanced monitoring function (SIEM) within Information Security. The Advanced Monitoring function owns successful deployment and operation of security monitoring tools and processes designed for real-time analysis of alerts generated across the enterprise to protect the company's solutions and services by reducing time to detect and contain security incidents and risks. This role coordinates advanced monitoring capabilities and industry best practices with all areas of the IT organization.

 

The Manager will report to the Director of Detection and Response and will manage a team of employees and a flexible pool of contingent workers depending on project needs.

 

Key responsibilities include:

*Develop and implement necessary monitoring policies, reference architectures and procedures in compliance with statutory and regulatory requirements covering internal and external parties, regulated and non-regulated physical, operational and business systems throughout the enterprise

*Direct monitoring, identification, analysis, and response to suspicious real time events that occur against the enterprise

*Responsible for satisfying specific requirements to ensure security of the environment in compliance with North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54)

*Manage people, processes, and technologies required to deliver efficient and effective advanced monitoring capabilities

*Develop strategy & technology roadmap for the SIEM function

*Drive process excellence and maturity to push the envelope on delivering a world-class SIEM function to protect Entergy against cyber threats

*Support life-cycle management of the SIEM platform, including assistance with coordination and planning of upgrades, new deployments, and maintenance of current operational data flows

*Work closely with Consolidated Security Operations Center (CSOC), Threat & Vulnerability Management (TVM), other internal/external teams and management in a 24x7 operational environment

*Reviews policy and configurations within security technologies to identify systemic security issues and ensure effectiveness of mitigating risk

*Ensure systems are in place to detect changes to the environment configuration and continuously assure that assets are configured with the right policies

*Manage process to monitor, analyze and correlate logs and alerts across multiple platforms to identify advanced threats or incidents affecting the enterprise, which may evolve into use case content. This includes logs, network, endpoints, authentication and web activity

*Research and develop new use cases related to exploits and cyber threats

*Operationally integrate known threats and indicators of compromise into SIEM content in order to track cyber threat actors/campaigns based on technical analysis and open source/third party intelligence

*Maintain critical documentation and evidence to be used for after action reporting and/or legal evidence

*Assess the security impact of alerts and traffic anomalies to gather a broad view of the overall risk profile of the enterprise

*Monitor and respond to regulatory developments and industry best practices in a timely manner

*Accountable for advanced monitoring of all device classes (server, desktop, mobile, etc.), hosting models (on-premise, external, cloud) and applications

*Analyze email-based threats to understand and identify malicious tactics

*Work closely with the Threat and Vulnerability Management and CSOC teams to implement custom monitoring of new alerts and emerging threats

*Establish metrics to measure effectiveness and maturity of advanced monitoring function and report trends and necessary remediation

*Attend technical engagement with audit, regulators, clients, and third parties, when required

*Lead digitization efforts to automate routine playbooks and identify opportunities for automation

*Collaborate and work across other IT areas to design and onboard new systems to follow monitoring standards and best practices

*Manage and mentor a complex and diverse team of senior monitoring specialists to advance their skills and promote professional growth

 

Experience needed

*Five to seven years of cyber security experience across multiple disciplines (monitoring, log gathering, event correlation, configuration, behavior analytics, network engineering, application security, database, risk management, project management, etc.)

*Minimum of 3 years of experience working with Security Information Management, configuration, data aggregation, correlation and monitoring tools like Splunk, FireEye, Symantec, etc.

*Experience managing a team of senior monitoring specialists

*Experience working with outsourced teams

*Advanced experience with vulnerability assessment, event management, operations, incident management and reporting

*Experience with a variety of SIEM, configuration and monitoring technologies such as Splunk, Tripwire, Symantec

*Experience in designing, building, implementing, and supporting Monitoring Tool solutions

 

Minimum knowledge, skills, and abilities required of the position

*Able to be a hands-on manager with technical engineering and process management skills and the ability to advocate and influence positive transformation within the broader information technology organization

*Broad knowledge of multiple UNIX OS platforms and Windows-based operating systems

*Well-versed in security operations, cyber security monitoring, intrusion detection, and secured networks

*Proficient in security ramifications of energy related regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54)

*Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL

*Knowledge of current IT Security trends and best practices in technology, as well as monitoring best practices and tools

*Working knowledge with scripting languages such as Perl or Python

*Clear understanding of cloud computing and the risks and benefits of using a vendor's remote servers to store, manage, and process an organization's data

*Excellent report writing and communication and ability to effectively communicate across the organization

*The ability to work well independently or with a team

*Available to travel

*Capable of meeting deadlines and budgets

*Ability to coordinate with Entergy's Audit, Legal, Supply Chain, Communications, Corporate Security and Risk Management organizations to understand requirements and ensure compliance with cyber security policies and standards

Education

Bachelor's degree in computer science, cyber security or a related discipline or equivalent work experience. Advanced degree preferred.

 

Any certificates, licenses, etc., required for the position

ISACA certification, such as CISSP, CISM, CISA

Vendor credentials offered by companies such as Microsoft and Cisco

 

#LI-MM1

Primary Location: Texas-Woodlands

Job Function: Information Technology

FLSA Status: Professional

Relocation Option: Level I

Union description/code: NON BARGAINING UNIT-NBU

Number of Openings: 1

Req ID: 83776

Travel Percentage:Up to 25%

 

An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please click here to view the full statement

Company info

Entergy Corporation
Website : http://www.entergy.com

Company Profile
We suffered an employee fatality in 2012 and a contractor fatality in 2013. In 2012, employee lost-time injuries increased over 2011. This safety performance is devastating. We are working to build greater safety awareness and a stronger safety culture. Achieving an accident-free work environment for our employees and contractors remains a top priority.

Similar Jobs:
Senior System Engineer
Location : Houston, TX
About this job\r\nJob type: Full-timeRole: System AdministratorTechnologies osx, sysadmin Job description Requirements:  Extensive Experience with:               -Cisco UCS               -NetApp               -Net Backup...
Senior DW Developer
Location : Houston, TX
About this job\r\nJob type: Full-timeRole: Database AdministratorTechnologies sql, sql-server, tsql Job description Job Description: Position Title:  Senior DW Developer (SQL Server) Department:  Information Technology Reports to:...
Workday HRIS Analyst
Location : Houston, TX
Post a job offer Workday HRIS Analyst Genuent Houston, TX 30m ago This Position is responsible for the management and development of HRIS processes, Standard Operating Procedures, data integrity, system reports and analysis. This ...