We use cookies to improve your experience on our site. To find out more, read our privacy policy.

Get Into Energy Jobs

Jobs in
Nuclear Energy
Jobs in
Natural Gas Energy
Jobs in
Renewable Energy
Jobs in
Electric Power
Business Careers
in Energy
Jobs in Nuclear Energy
Jobs in Natural Gas Energy
Jobs in Renewable Energy
Jobs in Electric Power
Business Careers in Energy
Home View All Jobs (8,947)

Job Information

Entergy Security Risk Analyst II or III in New Orleans, Louisiana

Security Risk Analyst II or III

Date: Apr 17, 2024

Location: The Woodlands, Texas, United States

Company: Entergy

Posting End Date:

Work Place Flexibility: Hybrid

Legal Entity: Entergy Services, LLC

This position will be filled as a Risk Analyst II or III depending on the selected candidate's experience and knowledge

Job Summary/Purpose

The Security Risk Analyst is responsible for assisting with the implementation and monitoring of Entergy’s vendor security risk management processes within the Chief Security Office (CSO).

The Security Risk Analyst will conduct thorough risk assessments of vendors and third-party service providers to evaluate their security controls, data protection measures, and overall risk posture.

In this role, you will develop and implement vendor risk management frameworks, policies, and procedures to enhance the effectiveness of our vendor risk program.

The Security Risk Analyst will collaborate with various internal stakeholders, including procurement, legal, and IT teams, to ensure vendor contracts and agreements align with our security standards and requirements.

You will monitor and track vendor compliance with security policies, standards, and contractual obligations.

Provide regular reports and updates to senior management on the status of vendor risk assessments, identified issues, and remediation efforts.

You will create and maintain relevant metrics for the program using PowerBI.

Stay current with industry trends, best practices, and regulatory requirements related to vendor risk management.

They will also assist the CSO department to raise employee awareness of security risks and methods to protect company critical infrastructure, data and assets. This role drives security control objectives to mitigate the risk from existing and evolving vulnerabilities and threats for on-site, off-shore and cloud solutions.

Job Duties/Responsibilities

  • Tracks Vendor Assessment Review Requests and communicates status to requestors

  • Reviews assessment reports against asset control objectives to determine effectiveness

  • Assists with vendor risk assessments (vendor assessments, supply chain assessments, etc.) as necessary

  • Reports out on control testing through Controls Dashboard

  • Administers vendor risk request tracking process

  • Prepares summary and detailed reports on vendor risk across the enterprise

  • Conducts control testing and assessment

Minimum education required of the position

Bachelor’s degree in Business, Computer Science or related field, or equivalent work experience

Minimum experience required of the position

Risk Analyst II: 2+ years of experience in internal or external auditing, security testing, or risk management and analysis

Risk Analyst III: 4+ years of experience in internal or external auditing, security testing, or risk management and analysis

  • IT security or IT risk management experience is a plus

Minimum knowledge, skills and abilities required of the position

• Strongproblem-solving and decision making ability

• Good written and verbal communication skills

• Professional demeanor, exceptional interpersonal skills, including teamwork, facilitation and negotiation

• Team player, highly collaborative, able to work cross-functionally

• Resourceful and self-motivated, able to work independently when required

• Good planning, organizational and project management skills; detail and process-oriented; able to multi-task a number of different projects

• Knowledge of generally applicable and accepted audit and risk frameworks (e.g. COBIT, CAG 20 Critical Security Controls, NIST, UCF) and government guidelines and laws (e.g. Sarbanes Oxley Act, NERC/CIP, HIPAA, FCC)

• Understanding of regulatory requirements impacting the utility industry (SOX, HIPAA, NERC CIP, Smart Meter/Smart Grid, etc.) with subject matter expert knowledge in one or more areas

• Advanced computer skills including Microsoft Office suite and other business related software systems

The following would be a plus

• Knowledge of Vendor Security Risk Management tools (Venminder, BitSight, Security Scorecard)

• Advanced knowledge of Micrsoft PowerBI

• Knowledge of Cloud Security

#LI-JL1

#LI-HYBRID

Primary Location: Texas-The Woodlands Arkansas : Little Rock || Louisiana : New Orleans || Mississippi : Jackson || Texas : Houston || Texas : The Woodlands

Job Function : Professional

FLSA Status : Exempt

Relocation Option: No Relocation Offered

Union description/code :

Number of Openings : 1

Req ID: 114504

Travel Percentage :Up to 25%

An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please clickhere (https://jobs.entergy.com/content/EEO/?locale=en_US) to view the EEI page, or see statements below.

EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.

Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click here (humanr@entergy.com?subject=Accessibility) and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request.

Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.

Entergy Pay Transparency Policy Statement: The Entergy System of Companies (the Company) will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company’s legal duty to furnish information. 41 CFR 60-1.35(c). Equal Opportunity (https://www.dol.gov/agencies/ofccp/manual/fccm/2l-equal-opportunity-clauses-and-other-requirements/2l00-equal-opportunity) and Pay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf) .

Pay Transparency Notice:

Pay Transparency Nondiscrimination Provision (dol.gov) (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf)

The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please contact HRCompliance@entergy.com to schedule a time to review the affirmative action plan during regular office hours.

WORKING CONDITIONS:

As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.

Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.

Job Segment: Compliance, Risk Management, Cloud, Supply Chain, Testing, Legal, Finance, Technology, Operations

DirectEmployers