Risk Analyst Lead

Entergy
The Woodlands, Texa, Un
Full-time
We are sorry. The job offer you are looking for is no longer available.

Work Place Flexibility : Hybrid

Legal Entity : Entergy Services, LLC

JOB SUMMARY / PURPOSE

The Risk Analyst Lead is responsible for assisting with the implementation and monitoring of Entergy’s vendor management processes.

They are responsible for verification and audit of security controls for third-party vendors and internal Entergy projects.

They perform assessments, verifications, reviews and audits of security / privacy control reports and overall security / privacy stance across the enterprise, including vendors and third-party relationships.

They conduct security testing and evaluations of system security controls (production and project) as necessary.

The Risk Analyst Lead works directly with all lines of business to track vendor review requests, gather data on the vendors and reports out to management on the status of these requests.

They will also assist the CSO department to raise employee awareness of security risks and methods to protect company critical infrastructure, data and assets.

This role drives security control objectives to mitigate the risk from existing and evolving vulnerabilities and threats for on-site, off-shore and cloud solutions.

JOB DUTIES / RESPONSIBILITIES

  • Tracks Vendor Assessment Review Requests and communicates status to requestors
  • Reviews assessment reports against asset control objectives to determine effectiveness
  • Completes vendor risk assessments (vendor assessments, supply chain assessments, etc.) as necessary
  • Reports out on control testing through Controls Dashboard
  • Prepares summary and detailed reports on vendor risk across the enterprise
  • Provides guidance to the business to ensure requirements of the VRM program are fully understood.
  • Present reports of high-risk vendor contracts and procurement high risks / ineffective controls and highlights vendor risks and the action planned to address inadequate controls to executive management
  • Lead assessment of vendor risks, develop mitigation plans and partner with internal stakeholders to assign monitoring responsibility
  • Partner with Business Units & internal support functions to help ensure that all risk assessment and mitigation requirements have been met
  • Perform data analytics & reporting activities. Provide & maintain vendor risk reporting mechanisms, and track and report outcomes from vendor management activities.

Collect, organize, and distribute reports & documents & recommend enhancements to reporting & audit tools

  • Analyze, update, and modify procedures and processes to identify and continuously implement vendor risk management process improvements
  • Stay informed about the latest developments in the vendor risk management field

MINIMUM REQUIREMENTS

Minimum education required of the position

Bachelor’s degree in Business, Computer Science or related field, or equivalent work experience

Minimum experience required of the position

5+ years of experience in internal or external auditing, security testing, or risk management and analysis

3+ general IT experience

3+ years of IT security or IT risk management experience

Minimum knowledge, skills and abilities required of the position

  • Excellent problem-solving and decision making ability
  • Excellent written and verbal communication skills
  • Excellent technical documentation skills
  • Professional demeanor, exceptional interpersonal skills, including teamwork, facilitation and negotiation
  • Team player, highly collaborative, able to work cross-functionally
  • Resourceful and self-motivated, able to work independently when required
  • Able to lead teams of up to five individuals in Assessments and cross-functional activities
  • Broad breadth of technical skills and experience in IT, security, and privacy
  • Excellent planning, organizational and project management skills; detail and process-oriented; able to multi-task a number of different projects
  • Strong knowledge of generally applicable and accepted audit and risk frameworks (e.g. COBIT, CAG 20 Critical Security Controls, NIST, UCF) and government guidelines and laws (e.

g. Sarbanes Oxley Act, NERC / CIP, HIPAA, FCC)

Strong understanding of regulatory requirements impacting the utility industry (SOX, HIPAA, NERC CIP, Smart Meter / Smart Grid, etc.

with subject matter expert knowledge in one or more areas

Desired Skills

  • Knowledge of Vendor Risk Management tools
  • Knowledge of Micrsoft PowerBI

Any certificates, licenses, etc. required for the position

One or more of the following certifications or comparable :

  • Certified Third Party Risk Professional (CTPRP)
  • Certified Third Party Risk Assessor (CTPRA)
  • Certified Authorization Professional (CAP)
  • Certified Information Systems Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified in the Governance of Enterprise IT (CGEIT)
  • Certified Information Systems Auditor (CISA)
  • Certified Protection Profession (CPP)

OTHER ATTRIBUTES

Functional Knowledge : Security Control frameworks and testing tools and procedures

Business Expertise : Security control impact and mitigation coordination

Leadership : Able to lead teams of up to five individuals in A&V and cross-functional activities

Problem Solving : Planning, organizational and project management skills; detail and process-oriented; able to multi-task a number of different projects

Impact : System security posture

Interpersonal Skills : Collaboration, Self-Starter

LI-SB1

LI-HYBRID

Primary Location : Texas-The Woodlands Arkansas : Little Rock Louisiana : New Orleans Mississippi : Jackson Texas : The Woodlands

Job Function : Professional

FLSA Status : Professional

Relocation Option : No Relocation Offered

Union description / code : NON BARGAINING UNIT

Number of Openings : 1

Req ID : 115382

Travel Percentage : Up to 25%

An Equal Opportunity Employer, Minority / Female / Disability / Vets. Please click here to view the EEI page, or see statements below.

EEO Statement : The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws.

The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status.

Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated.

Accessibility : Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf.

If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click here and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for.

Employee Services will contact you regarding your request.

Additional Responsibilities : As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and / or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company.

Exempt employees may not be paid overtime associated with such duties.

Entergy Pay Transparency Policy Statement : The Entergy System of Companies (the Company) will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.

However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company’s legal duty to furnish information.

41 CFR 60-1.35(c). Equal Opportunity and Pay Transparency .

Pay Transparency Notice :

Pay Transparency Nondiscrimination Provision (dol.gov)

The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment.

Please contact [email protected] to schedule a time to review the affirmative action plan during regular office hours.

WORKING CONDITIONS :

As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and / or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company.

Exempt employees may not be paid overtime associated with such duties.

Please note : Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.

30+ days ago
Related jobs
Promoted
Consolidated Communications
Conroe, Texas

Previous experience as a data analyst, data engineer, data scientist or in a similar role. We are seeking a highly skilled Senior Data Analyst to join our team as we build an Analytics and Data Engineering function within the Marketing business unit capable of capitalizing on our growth opportunitie...

Promoted
CEVA Logistics
TX, United States

The Senior Security Intelligence Analyst leads the development of an intelligence program to support CEVA North America (United States, Canada, and Mexico). The Senior Security Intelligence Analyst is responsible for developing policies and procedures to support active collaboration across business ...

Promoted
Telios Corporation
TX, United States

Your role will encompass meticulous planning, seamless execution, setting and tracking project milestones, and adept stakeholder management to ensure project success from inception to fruition. Develop comprehensive project plans, including scope, schedule, budget, and resources, in collaboration wi...

Promoted
Russell Tobin
TX, United States

Report directly to the Project Manager over your project. Are you an Assistant Project Manager with 1-4 years of mixed Commercial experience?. Assist the Project Manager with daily reports. Our client is one of Austin, TX leading Commercial GCs and boasts a project portfolio that includes clients wi...

Promoted
Harnham
TX, United States

This includes a Lead Business Data Analyst to support the product development lifecycle alongside Product Owners and project teams. Business Analyst, Product Manager, Business Systems Analyst or similar. This automotive supply chain company is going through a digital transformation to push ML/ AI in...

Promoted
Robert Half
Spring, Texas

A client of ours seeking a Credit Analyst to join their team in The Woodlands, Texas. This role involves assessing the creditworthiness of current and potential customers, maintaining credit files, and coordinating with other departments to ensure efficient operation. Evaluate the creditworthiness o...

Promoted
Apex Systems
TX, United States

Collect, organize, and maintain financial data and documentation, reconcile obligations and disbursements, and verify accuracy of data in various financial and payment systems. Perform and conduct data collection and analysis, including business case analysis, analysis of alternatives, cost-benefit ...

Promoted
Connective Talent
TX, United States

Join one of the nation's top ranked Title Insurance companies, looking for an Application Security Engineer to join their security team. Highly visible - Direct channels to the Director of Information Security. Expertise in cloud security - Azure environments preferred. Experience with API security ...

Promoted
Entergy
Spring, Texas

Credit Analyst, Pre-Sales, RFP, Risk Management, Corporate Finance, Finance, Sales. Assesses the credit worthiness of non-residential customers and collaborates with cross-functional teams to negotiate appropriate amounts and forms of securitization of customer obligations. Leads the credit evaluati...

Promoted
Dexian - DISYS
Spring, Texas

Model compliance tests as defined in legal documents onto in-house systems. Train and share knowledge with junior analysts. Advanced knowledge of CLO compliance calculations and financial modeling. ...