Brief Position Description
The Enterprise Security Architecture Manager is responsible for defining, establishing, and modernizing a robust information security architecture to ensure security of all Corporate IT, Operational Technology (OT), and Internet of Things (IoT) enabled systems at Entergy. The manager will lead a team of security architects that provide support and services across the enterprise and collaborate with other teams to realize the architecture strategy by driving the implementation of security solutions to protect the enterprise and maintain compliance with all regulatory requirements. The manager will drive continuous improvement of Entergy's security posture to ensure the security of data and critical systems and will provide Subject Matter Expertise (SME) over security architecture, policies, and procedures as they pertain to security across multiple platforms and technologies.
The Manager will manage a team of employees and a flexible pool of contingent or 3rd-party resources, depending on project needs.
Key responsibilities include:
- Lead the direction of information security through the development of an information security strategy that addresses the threats to the Entergy environment.
- Collaborate with engineering teams to drive security roadmaps by providing security requirements that map security controls and patterns to products, services, and threats.
- Serve as the Security Lead in the design, implementation, and integration phases of cloud-based solutions to meet client and firm security requirements and address enterprise risks and exposures in cloud-based solutions
- Define information security controls and patterns that support risk assessments and support the development of secure architectures.
- Provide technical security expertise to solutions including communicating security architectural decisions, benefits, and risks.
- Collaborate with technology architecture teams and business stakeholders by performing security analysis of proposed architectures, providing risk assessment feedback, including security requirements; provide security consulting services internally to the organization by giving security guidance and functioning as an information security subject matter expert.
- Deliver world-class security architecture for all corporate and operational technology needs, including power generation units, nuclear plants, electric substations, SCADA, distribution automation, and advanced metering infrastructure (AMI)
- Ensure security architecture & implementation complies with specific requirements of North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54)
- Develop reference security architectures across applications, infrastructure, network, cloud, IoT, on-prem, mobile and physical environments
- Own and guide implementation of information security architecture strategy and technology roadmap to ensure the best balance of security, efficiency, effectiveness, and scalability while protecting against internal/external threats across all platforms
- Assist the Security Architecture and Engineering Director in conducting technology and vendor assessments to validate that information security technology portfolios are kept up to date and meet contractual requirements
- Identify new trends in systems security and data protection, and support business cases for investment in advancing security capabilities (DLP, IPS, SIEM, etc.) to improve Entergy's security posture.
- Attend and participate in technical engagements with audit, regulators, clients, and third parties, when required
- Determine staffing requirements, including recruiting, hiring, training, development, and retention of highly qualified team members
MINIMUM REQUIREMENTS:
Minimum Experiences needed
- Five plus years of cyber security and architecture experience across multiple disciplines (monitoring, network engineering, mobile devices, various endpoint architectures, application security, physical environments, etc.)
- Experienced people leader with direct management/supervision of employees, building teams, performance management and employee development.
- Practical technical experience within a Cyber Security role and at least 3 years of utility related or direct electric utility industry experience required
- Strong experience in building cyber-resilient architecture and in recommending and implementing best practices to secure network and application infrastructure, protect information against unauthorized data access and loss, reduce risk, and mitigate vulnerabilities
- Experience with cyber security programs, specifically Enterprise Security Architecture, to include reference security architecture creation, security program assessment, security operations, incident response, forensic analysis, threat intelligence, identity and access management, data protection, penetration testing, Web application security testing, and vulnerability and risk management
- Working knowledge of security products in on-prem, cloud and SaaS models, SIEMs, firewalls, security applications, vulnerability detection, network devices, and endpoint protection
- Experience with electric utility customer service, distribution grid technologies and SCADA operations, e.g., Smart Grid, AMI, SCADA, meter data management systems (MDMS), etc.
- Experience working with outsourced teams
- Demonstrated organizational and scheduling skills, strong time management skills
- Proven ability to lead a team of engineers, architects, and/or external resources
- Strategically oriented and can influence indirectly at the org and enterprise level as needed
- Expertise in working in partnership with colleagues throughout the enterprise, and in leading collaborative teams to achieve common goals
Minimum knowledge, skills, and abilities required of the position
- Knowledge of IT Security regulations and guidance such as NIST, FISMA & ISO27001
- Familiarity with The Open Group Architecture Framework (TOGAF), Open Web Application Security Project (OWASP), Open Security Architecture, National Institute of Standards and Technology (NIST) Cloud Computing Reference Architecture, or other architecture frameworks
- Able to be a hands-on manager with technical engineering and process management skills and the ability to advocate and influence positive transformation within the broader information technology organization
- Well-versed in security technologies & implementation
- Proficient in security ramifications of energy related regulations (SOX, HIPAA, NERC CIP, FERC, and NRC Nuclear Cyber (10 CFR 73.54))
- Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL
- Advanced knowledge of security technologies including Firewall, IDS/IPS/HIDS, anti-virus, SIEM, Vulnerability Scanning, Threat Intelligence sources, and familiarity with the MITRE ATT&CK framework and Cyber Kill Chain.
- Knowledge of current Information and Cyber Security trends
- Excellent report writing and ability to effectively communicate across the organization
- Available to travel
- Self-motivated, with the ability to manage and follow up on multiple tasks simultaneously
- Capable of meeting deadlines and budgets
- Ability to coordinate with Entergy's Audit, Legal, Supply Chain, Communications, Corporate Security and Risk Management organizations to understand requirements and ensure compliance with cyber security policies and standards
Minimum Education needed
Bachelor's degree in computer science, cyber security or a related discipline or equivalent work
Any certificates, licenses, etc., required for the position
ISACA certifications, such as CISSP, CISM, CISA, are a plus
Relevant vendor credentials offered by companies such as Symantec are a plus
Req ID: 110890
Entergy Corporation
639 Loyola Ave
New Orleans
Louisiana United States
www.entergy.com