CS Enterprise Architect
Entergy Corporation, New Orleans, LA, United States
This is a hybrid position that can be filled in The Woodlands, TX; Little Rock, AR; Jackson, MS; and New Orleans, LA. Sponsorship and Relocation Assistance is not provided.
Job Summary
The Enterprise Security Architect utilizes their knowledge, experience, and creativity to translate the Information Security strategy and roadmap into services, processes, and solutions that meet Entergy’s business objectives. The role focuses on specific functional areas and partners with key stakeholders to develop service, process, and solution roadmaps, reference architectures, and standards. The Architect is comfortable proposing and supporting innovative ideas while understanding the complexity, sensitivity, and regulatory landscape of an integrated energy company. They effectively push back when necessary while maintaining a customer‑centric perspective and act as a mentor to other Information Security and IT colleagues.
Key Responsibilities
Develop Information Security reference architectures for existing and emerging technologies
Work with other Domain Architects and the Enterprise Architecture team to align the Security architecture with the overall Enterprise architecture
Create policies, procedures, standards, processes, and templates consistent with the Information Security strategy and roadmap
Participate in security and non‑security projects to ensure security requirements are defined and implemented
Lead and/or perform assessments and threat modeling of existing and emerging technologies to ensure they meet Entergy security and compliance requirements
Advocate for information security with stakeholders
Integrate information security into core IT processes through development of a security services catalog and creation of security processes and controls
Develop effective and efficient methods to measure and monitor the security posture of the functional area
Monitor emerging trends in Information Security and technology, and recommend changes to Entergy’s security posture as necessary
Partner with Internal Audit, CSO, Compliance, regulators, and others to maintain a unified approach to information security
Experience
Ten or more years of architecture or engineering experience across multiple information security or IT/OT disciplines (detection and response, network security, application security, endpoint security, IAM, vulnerability management, system administration, networking, application development, risk management, etc.)
Three or more years of cyber security architecture experience
One or more years in a complex and highly regulated industry (e.g., utilities, financial services, healthcare, etc.)
Experience working with outsourced teams
Organizational and time‑management skills
Experience partnering with colleagues throughout the enterprise
KSA
Familiarity with technologies commonly utilized within an enterprise IT and OT environment
Strong knowledge of multiple information security domains and subject‑matter expertise in at least one of the following:
Networking and network security
APIs
Secure coding/application security
Vulnerability Management
SIEM
Identity and Access Management
Penetration testing
Security process and control development
Endpoint protection technology
OT systems and protocols
Smart Grid technology
Some knowledge of IT Security regulations and guidance such as NIST, FISMA, and ISO 27001
Familiarity with TOGAF, OWASP, Open Security Architecture, NIST Cloud Computing Reference Architecture, or other architecture frameworks
Hands‑on technical engineering and process management skills with the ability to advocate positive transformation within the broader IT organization
Ability to design and develop reference architectures and an API‑based services layer for consistent integration with security systems
Knowledge of security ramifications of energy‑related regulations (SOX, HIPAA, NERC CIP, FERC, NRC Nuclear Cyber (10 CFR 73.54))
Knowledge of security, risk, and control frameworks and standards such as ISO 27001 & 27002, SANS‑CAG, NIST, FISMA, COBIT, COSO, and ITIL
Strong writing and analytical ability
Strong ability to communicate concisely and effectively across the enterprise
Available to travel (up to 25%)
Self‑motivated with the ability to manage and follow up on multiple tasks simultaneously
Capable of meeting deadlines
Education
Bachelor’s degree in computer science, cyber security, information systems, engineering, or a related discipline, or equivalent work experience. Master’s degree preferred.
Certification
ISACA or ISC2 certification such as CISSP, CISM, CISA preferred
Vendor credentials from Symantec, Checkpoint, Cisco, Microsoft, etc. preferred
EEO Statement
The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non‑discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
#J-18808-Ljbffr
Job Summary
The Enterprise Security Architect utilizes their knowledge, experience, and creativity to translate the Information Security strategy and roadmap into services, processes, and solutions that meet Entergy’s business objectives. The role focuses on specific functional areas and partners with key stakeholders to develop service, process, and solution roadmaps, reference architectures, and standards. The Architect is comfortable proposing and supporting innovative ideas while understanding the complexity, sensitivity, and regulatory landscape of an integrated energy company. They effectively push back when necessary while maintaining a customer‑centric perspective and act as a mentor to other Information Security and IT colleagues.
Key Responsibilities
Develop Information Security reference architectures for existing and emerging technologies
Work with other Domain Architects and the Enterprise Architecture team to align the Security architecture with the overall Enterprise architecture
Create policies, procedures, standards, processes, and templates consistent with the Information Security strategy and roadmap
Participate in security and non‑security projects to ensure security requirements are defined and implemented
Lead and/or perform assessments and threat modeling of existing and emerging technologies to ensure they meet Entergy security and compliance requirements
Advocate for information security with stakeholders
Integrate information security into core IT processes through development of a security services catalog and creation of security processes and controls
Develop effective and efficient methods to measure and monitor the security posture of the functional area
Monitor emerging trends in Information Security and technology, and recommend changes to Entergy’s security posture as necessary
Partner with Internal Audit, CSO, Compliance, regulators, and others to maintain a unified approach to information security
Experience
Ten or more years of architecture or engineering experience across multiple information security or IT/OT disciplines (detection and response, network security, application security, endpoint security, IAM, vulnerability management, system administration, networking, application development, risk management, etc.)
Three or more years of cyber security architecture experience
One or more years in a complex and highly regulated industry (e.g., utilities, financial services, healthcare, etc.)
Experience working with outsourced teams
Organizational and time‑management skills
Experience partnering with colleagues throughout the enterprise
KSA
Familiarity with technologies commonly utilized within an enterprise IT and OT environment
Strong knowledge of multiple information security domains and subject‑matter expertise in at least one of the following:
Networking and network security
APIs
Secure coding/application security
Vulnerability Management
SIEM
Identity and Access Management
Penetration testing
Security process and control development
Endpoint protection technology
OT systems and protocols
Smart Grid technology
Some knowledge of IT Security regulations and guidance such as NIST, FISMA, and ISO 27001
Familiarity with TOGAF, OWASP, Open Security Architecture, NIST Cloud Computing Reference Architecture, or other architecture frameworks
Hands‑on technical engineering and process management skills with the ability to advocate positive transformation within the broader IT organization
Ability to design and develop reference architectures and an API‑based services layer for consistent integration with security systems
Knowledge of security ramifications of energy‑related regulations (SOX, HIPAA, NERC CIP, FERC, NRC Nuclear Cyber (10 CFR 73.54))
Knowledge of security, risk, and control frameworks and standards such as ISO 27001 & 27002, SANS‑CAG, NIST, FISMA, COBIT, COSO, and ITIL
Strong writing and analytical ability
Strong ability to communicate concisely and effectively across the enterprise
Available to travel (up to 25%)
Self‑motivated with the ability to manage and follow up on multiple tasks simultaneously
Capable of meeting deadlines
Education
Bachelor’s degree in computer science, cyber security, information systems, engineering, or a related discipline, or equivalent work experience. Master’s degree preferred.
Certification
ISACA or ISC2 certification such as CISSP, CISM, CISA preferred
Vendor credentials from Symantec, Checkpoint, Cisco, Microsoft, etc. preferred
EEO Statement
The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non‑discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
#J-18808-Ljbffr