BRIEF POSITION DESCRIPTION
The Security & Regulatory Technical Writer will be responsible for documenting the framework to ensure that the security organization's practices remain observant to security and compliance directives required by North American Electric Reliability Corporation (NERC), Critical Infrastructure Protection (CIP), Nuclear Regulatory Commission (NRC), Nuclear Cyber (10 CFR 73.54), Sarbanes Oxley (SOX), Heath Insurance Portability Accountability Act (HIPAA), cyber risk, etc. The Technical Writer, presents, and trains on the programs and processes required to secure Entergy's critical systems and assets as well as meet or exceed Entergy's commitment and obligation to the various regulatory bodies and internal Entergy groups.
This position is expected to have operational expertise in areas of Information Security, Operational Technology, Cybersecurity, electrical power, professional auditing, and risk-based compliance processes.
This role will participate in communications with information sharing centers, and industry peers on the status of Entergy's documentation status.
JOB DUTIES:
- Utilizes applicable change management methodology to assure effective implementation of documentation changes (e.g. policies, procedures, standards, etc.) changes including interfacing between multiple business units.
- Conducts and/or obtains necessary program and process champion or owner reviews.
- Participates in corrective action program activities including self-assessments, benchmarking and condition reporting and response.
- Exhibits strong teamwork and problem-solving skills.
- Ensures compliance with applicable requirements, regulations, and procedures such as NERC CIP compliance, SOX, HIPAA, etc. and is familiar with routine supply chain operating data, corrective action reports, and evaluates data as needed to support compliance and process improvement.
- Proposes, develops, and writes documentation changes that improve efficiency and compliance.
- Serves as a shared resource as required.
- Performs other activities such as presentation development, training material development, etc.
- Exhibits subject matter expertise in one or more areas of compliance and/or cybersecurity
MINIMUM REQUIREMENTS
Minimum Education needed:
Bachelor's degree strongly preferred in computer science, cybersecurity, internal audit or a related discipline or equivalent work experience, Master's degree a plus.
Minimum Experience needed:
- Minimum 6 years of regulatory compliance and auditing experience as it relates to IS
- Good communication skills with internal stakeholders
- Strong writing skills
- Experience with cybersecurity operations
- Experience working with direct, indirect, and outsourced resources
- Exposure to operations playbooks, run books, and performance measures
- Some experience maintaining operations leveraging industry best practices
- Experience with data analysis, data integration, and data validation activities with large, regulated utilities or related industry preferred
Minimum knowledge, skills, and abilities required of the position
- Knowledge of security ramifications of applicable regulations (NERC CIP, SOX and HIPAA)
- Knowledge of security, risk, and control frameworks and standards such as ISO 27001, NIST, FISMA & COBIT
- Ability to quickly adapt to changing events and priorities
- Social, verbal, and written communication skills, with ability to effectively present analytical data
- Detail oriented with the ability to interpret regulatory requests and corresponding data
- Available to travel
- Comfortable working in high stress and ambiguous environments
- Capable of meeting deadlines
Any certificates, licenses, etc., required for the position
- ISACA certification, such as CISSP, CISM, CISA preferred
Req ID: 115260
Read the full posting.Entergy Corporation
639 Loyola Ave
New Orleans
Louisiana United States
www.entergy.com