ENGIE

Receive alerts when this company posts new jobs.

Similar Jobs

Job Details

Cyber Security, Senior Analyst (2301)

at ENGIE

Posted: 9/26/2019
Job Status: Full Time
Job Reference #: COR00000497
Keywords: security

Job Description

At ENGIE North America, innovation and excellence create a platform for growth. We have a range of businesses in the United States and Canada, including clean power generation, cogeneration, and energy storage; retail energy sales; and comprehensive services to help customers run their facilities more efficiently and optimize energy and other resource use and expense. Nearly 100 percent of our power generation portfolio is low carbon or renewable. Globally, ENGIE is the largest independent power producer and energy efficiency services provider in the world, with operations in 70 countries employing 150,000 people, including 1,000 researchers in 11 R&D centers.

 

We are looking for talented and motivated individuals to create the future of energy and customer solutions. Join a rewarding and flexible work environment that encourages innovation and creativity to help customers meet their energy challenges today and in the future.

The Role: Cyber Security, Senior Analyst

Purpose

Key member of the Cyber Security Team for ENGIE North America. Serves as principle steward of the identity access management process. Assists Digital Security Manager to assess, secure and monitor key digital assets. This position will be a member of the ENGIE NORAM Application/Digital Cyber Security Team and will work closely with software development, enterprise architecture and infrastructure in a DevSecOps Environment.

 

Location/Department

Houston, TX / IT-Cyber Security

 

Status

Salaried – Exempt

 

Essential Job Functions

  • Assist in IAM RBAC definition, provisioning cloud resources, as well as associated playbooks. Document security processes and standards surrounding IAM. Assess subsidiaries' current state IAM in relationship to standards. (Because of the Agile, DevOps project methodology we will be working at a very fast pace and constantly provisioning and securing assets across AWS & Azure.)

  • Serve as the security representative on software development projects for ENGIE Resources and ENGIE NORAM Digital Studio in order to implement Engie GROUP standards from initiation. Advise on security architecture for new projects in consultation with Senior Consultants, Security Operations Manager,

  • Digital Security Manager and CISO. Coordinate static scans in an AGILE delivery, DevSecOps Process. Steward the priority of remediations for vulnerabilities discovered from Static and Dynamic Scans. This would include SCA for embedded third-party software in our ecosystem.

  • Work under the tutelage of experienced consultants across AWS, Azure, C3.ai and other cloud environments to support the Engie North America Digital Studio.

  • Assist with cloud security incidents that the company may face in alignment with our incident response processes.




Qualifications

Requirements

 

  • Experience with an Identify Manager platform: Saviynt, SailPoint, Oracle IdM, etc.

  • Experience with Directory servers: Unbound ID/Ping, CA, Radiant Logic, Oracle Metadirectory

  • Experience in administration, installation and troubleshooting of IAM solution in an enterprise environment

  • Experience in maintaining an access management / SSO system in a large, complex organization (Okta a plus.)

  • Experience in standard operating procedures to perform IAM pre and postproduction support activities

  • Good knowledge of best practices in IAM systems design and maintenance Understanding of custom changes to IAM platforms leveraging scripting. (Ex. Python)

  • Extensive knowledge and skills in maintaining an access management / SSO system in a large, complex organization

  • Experience in managing deployments of an IAM platform

  • Experience with role mining, role-based access control and access certification (tools like Oracle IdM, SailPoint IdentityIQ or Saviynt)

  • Experience with an Application/Web Server: WebSphere, Jboss, WebLogic, Tomcat • Languages: Java, SQL Queries, Scripting languages, Stored procedures

  • Web Technologies: HTML, XML • Operating Systems: Windows 2008 / 2012, Unix, Solaris • Tools: VMware Workstation, LDAP Browser, SQL Developer • Oracle Database: 10g / 11g, MS-SQL Server 2005 / 2008

  • Knowledge of web application security, browser security models, and application security vulnerabilities such as the OWASP Top Ten

  • Deep understanding of network attacks, DDoS, Phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies

  • Experience working with multiple stakeholders such as engineering/operations teams, internal business units, external incident response teams, and law enforcement throughout the incident lifecycle.

  • Strong verbal and written communication skills, solid team player, with demonstrated abilities in analysis and problem-solving.

     

 

Essential Physical Abilities

 

  • Ability to meet highest attendance requirements

  • Ability to communicate effectively, both written and verbally

  • Ability to handle multiple assignments on a timely basis with a high degree of accuracy

  • Ability to use personal computer, calculator, etc.

  • Could involve some lifting

     

Education/Experience

  • A bachelor's degree in Computer Science or related technical degree or minimum of 5 years of IT Experience.

  • Industry certifications such as CISSP or CCSP.

  • 5-7 years of relevant experience or a combination of education or work experience

  • 5-7 years of experience with Identity Access Management, DEVSECOPS and Cloud Environments.

  • 1-3 years of experience of Cloud Development in AWS or AZURE including DEVSECOPS

  • 2-4 years' experience in an AGILE environment.

  • 2-4 years' experience with AWS, Azure security configuration and monitoring. Certifications preferred. Working knowledge of the public cloud infrastructure and services in AWS (IAM, VPC, KMS, CloudWatch, Systems Manager, S3, RDS, Route53, Lambda, AWS Config, etc.) is a strong plus.



 

 

Working Environment
Work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is not exposed to weather conditions. The noise level in the work environment is usually moderate.

 

For this role you must have authorization to work in the United States. Qualified applicants are considered for employment, and employees are treated during employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, veteran status, gender identity, or expression, genetic information or any other legally protected status.

 

This job advertisement is supported by the ENGIE Talent Acquisition team. Agency involvement is not required. All related inquires must be done to the Talent Acquisition team, not direct to ENGIE North America Managers.