Primary Location: New York-Buchanan
Job Function: Information Technology
MRV Minimum Salary: $94,000.00
MRV Maximum Salary: $154,000.00
FLSA Status: Professional
Relocation Option: Not approved
Union description/code: NON BARGAINING UNIT-NBU
Number of Openings: 1.00
Req ID: 74146
Travel Percentage:Up to 25%
This role develops and applies IT standards and procedures, as well as provide support for real-time and control systems. The engineer performs a wide variety of routine and non-routine design and maintenance engineering activities, including but not limited to performance operations, planning, maintenance, computer applications, safety and root cause analysis.
Primary Duties & Areas of Responsibility:»
* Provides planning, guidance, and direction for the analysis, implementation, testing, debugging and documentation of cyber security controls for critical components and systems at the nuclear plants. This includes systems such as plant digital control systems, emergency planning systems, security systems and plant monitoring systems and components such as digital recorders, transmitters, feedback controllers, inverters/power supplies, relays, breakers, and process network infrastructure. * Provides planning guidance, and operational support for the site cyber security infrastructure which includes such items as SIEMS, vulnerability and compliance scanners, networking components, servers and workstations. * Plans and directs 24-hour system support of the cyber security program via establishment of call-outs. * Acts as a technical lead on the cyber security operations of the nuclear plant and the plant components identified as critical digital assets. Reviews the analysis of cyber security controls and recommends solutions to reduce the risk of cyber security sabotage to the nuclear plant and Entergy infrastructure. * Oversees and directs the implementation of plans required to ensure nuclear sites adhere to the 10CFR73.54 cyber security regulations and ensure the sites meet the regulatory requirements. * Plans and reviews periodic assessments, benchmarks and tabletops of the Cyber Security Program. Supports external parties in the audit and inspection of the Cyber Security Program. * Provides input and commentary to the development and revision of procedures and policies relevant to the Cyber Security Program. * Leads and reviews the analysis of incident response policies, takes an active role in cyber incident response and recovery, the identification of vulnerabilities in the network, and the performance of risk assessments on new and existing computer systems and equipment. * Provides a technical resource on computer network and system security issues and technologies. Responsible for assuring that networking systems are monitored against cyber-attacks and risk mitigation counter measures are implemented to ensure the security of the organization. * Develops and maintains a thorough knowledge of 10 CFR 73.54, NEI -08-09, site Cyber Security Plan, cyber security implementing procedures, and the cyber security defense‑in‑depth protective strategy. * Resolves questions and issues on cyber security, CDA identification, and application of cyber security controls. * Plans and monitors activities such as Critical Digital Asset (CDA) identification, design modifications involving CDA’s, control of portable digital media for connecting to CDAs, maintenance of CDA-relate documentation. * Maintains compliance to Cyber Security Program implementing procedures. * Participates in Emergency Response activities at the nuclear site (in addition to cyber emergency response).
Minimum Educational Background and Physical Requirements Required to perform Job:
* Bachelor’s Degree Engineering or Discipline or experience equivalent thereof, PD Desired, Advanced Engineering Degree helpful – desired as relevant , IT or Engineering experience (will review IT Degrees).
* Eight years’ experience (or 7 years with advanced degree) with applying security to critical digital assets. * Supervisory level experience. * Experience with the operation or engineering of a nuclear generating unit. * Experience with control systems security, security architecture, network security engineering or secure network development experience with electric power utilities. * Other positions that would support the development and progression would include the following : OT Engineer SR. * Will review other non-nuclear industrial plant experience .
Critical Knowledge, Skills, Abilities:
* Experience in implementing security control policy and procedures. * Knowledge of the operation of electric power and/or generation systems . * Knowledge of system hardening, patch management, and configuration management. * Knowledge of security controls testing, security audits, and security assessments. * Knowledge of fraud and computer forensics. * Knowledge and understanding of NIST controls.
* Highly motivated and ability to work with little direct supervision. * Effective Teamwork and Inclusion (e.g. works collaboratively, builds collaborative relationships). * Communicates openly, clearly and concisely, both verbally and in writing. * Ability to act in a Leadership role and establish priorities, support and clear direction to subordinates.
EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.
Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf.
Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties.
Pre-employment Testing: One way that Entergy has found to identify and assess the abilities and skills needed for certain jobs is through pre-employment testing. If this position does require an EEI test, the type of test will be located under the qualifications section of the job posting. If you are invited to a test session, we strongly recommend you review and complete the practice test as well as review the testing brochure for your respective test. The test brochure will give you critical information on the test such as time allocated and number of questions. Also, keep in mind that the actual test is timed; you should practice timing yourself while doing the practice tests. The practice test information and test brochures can be located by going to the EEI website, http://www.eei.org/practicetests, Logon ID: entergy, password: practice test (2 words).
In addition to EEI testing there is also Fit-for-Duty testing which will identify and assess the abilities and skills needed for certain jobs. If this position does require Fit-for-Duty testing, the type of test will be located under the qualifications section of the job posting.
Website : http://www.entergy.com
We suffered an employee fatality in 2012 and a contractor fatality in 2013. In 2012, employee lost-time injuries increased over 2011. This safety performance is devastating. We are working to build greater safety awareness and a stronger safety culture. Achieving an accident-free work environment for our employees and contractors remains a top priority.