Information Security Engineer - Hybrid

At NRG, we're bringing the power of energy to people and organizations by putting customers at the center of everything we do. We generate electricity and provide energy solutions and natural gas to millions of customers through our diverse portfolio of retail brands. A Fortune 500 company, operating in the United States and Canada, NRG delivers innovative solutions while advocating for competitive energy markets and customer choice, working towards a sustainable energy future. More information is available at www.nrg.com. Connect with NRG on Facebook, LinkedIn and follow us on Twitter @nrgenergy.

This position will be responsible for securing the network infrastructure and information assets from threats. This position will have to work independently to identify, respond and remediate potential threats, as well as work as part of a team to accomplish larger tasks and projects meeting company goals and objectives.

Essential Duties/Responsibilities:

• Must have working knowledge of Windows Desktop OS, Windows Serves and Unix Servers.
• Must have knowledge of Windows security tools, products, and concepts including, Active Directory, and Group Policy.
• Must have experience with encryption tools and concepts.
• Must have knowledge of current virus/malware threats, virus breakout mitigation and prevention.
• Must have working knowledge of network protocols and services (DNS, DHCP, RADIUS, SMB, FTP, SFTP, SSH, etc.) on both Windows and *nix platforms
• Must have working knowledge of basic network architecture and network segmentation tools and concepts (firewalls, switches, routers, LAN/WAN, remote access)
• Must have knowledge of Intrusion Detection/Prevention (IDS/IPS)
• Knowledge of security concepts and tools, including vulnerability management, vulnerability scanners and Web Filtering etc.
• Knowledge of Cloud technologies including Azure, AWS, defender & Intune is preferred.
• Knowledge of security event incident management (SEIM/SIM/SEM) systems.
• Experience or knowledge of multi-factor authentication concepts and products like Azure MFA.
• Experience or knowledge of automated patching solutions (WSUS or equivalent)
• Familiar with Hard Drive encryption technologies and techniques
• Familiar with industry security websites and vulnerability disclosure reports (CIS, SANS, Security Focus etc.)
• Knowledge of compliance frameworks (SOX, PCI DSS, NERC CIP or equivalent)
• Familiar with forensic investigation tools and techniques, as well as chain of custody
• Ability to develop strategic technical documentation and written communications relative to field of expertise (technical designs, Security Policies, standards documents, procedural documents)
• Must work well independently, with other team members, as well as provide support to other departments.
• Ability to respond to critical issues on 24/7 basis as needed
• Ability to travel domestically approximately 10%

Working Conditions:

• Open office environment.
• Travel - 10%

Minimum Requirements:

• A candidate must have either a bachelor's degree in Computer Science or possess relevant IT experience.
• Three to Five years of experience in Information Technology industry, including experience in a large corporate IT environment or consulting.
• Basic level knowledge of network infrastructure threats, and mitigation techniques required
• Experience or knowledge of identifying and mitigating security gaps
• Demonstrated ability to communicate (verbal and written) with all levels of internal and external customers.
• Experience with virus and intrusion containment and mitigation
• Demonstrated ability to work both independently and as a team member.
• Demonstrated ability to set priorities and to respond to changing demands from multiple sources. Ability to exercise discretion and independent judgment in applying established techniques, procedures, or standards.
• Demonstrated ability to maintain confidentiality and handle sensitive information
• Demonstrated analytical and problem-solving skills.
• Experience working in a retail IT environment at an energy company strongly preferred

Preferred Qualifications:

• A candidate must have either a bachelor's degree in Computer Science with a focus on Information Security or relevant certifications in Information Security or completed Information Security classes or possess relevant field experience.
• Three to Five years of experience in Information Technology industry, including experience in a large corporate IT environment or consulting.
• Moderate level knowledge of network infrastructure threats, and mitigation techniques required
• Experience or knowledge of identifying and mitigating security gaps
• Demonstrated ability to communicate (verbal and written) with all levels of internal and external customers.
• Experience with virus and intrusion containment and mitigation
• Demonstrated ability to work both independently and as a team member.
• Demonstrated ability to set priorities and to respond to changing demands from multiple sources. Ability to exercise discretion and independent judgment in applying established techniques, procedures, or standards.
• Experience working in a retail IT environment at an energy company strongly preferred

Additional Knowledge, Skills and Abilities:

• Experience with infrastructure security controls for Sarbanes Oxley, PCI DSS, and/or NERC CIP
• Linux scripting experience (e.g. Perl, Python, etc.)
• Knowledge of Web development and coding technologies and best practices (PHP, Java, JavaScript, AJAX)
• Security certifications (CISSP, CISA, Security+, or related)
• Knowledge of network and application penetration testing tools/techniques

Why NRG is a great place to work:• Great company culture!! Voted as a BEST employer by Forbes• A competitive total compensation package, including annual incentive and/or commission• Stock Purchase Plan • Benefits on the first day of employment - Medical, Dental, Vision, Life Insurance, and Short Term Disability, Wellness program, etc. • Company-paid life insurance and disability insurance• 401 (k) plan to help save for retirement• Generous PTO plan, plus 8 company holidays, and 3 floating holidays• Numerous discounts, including electricity discounts on NRG brands

The salary range for this role is $74,000 - $100,000. Pay is based on several factors, including but not limited to education, work experience, certifications, etc.

NRG Energy is committed to a drug and alcohol free workplace. To the extent permitted by law and any applicable collective bargaining agreement, employees are subject to periodic random drug testing, and post-accident and reasonable suspicion drug and alcohol testing. EOE AA M/F/Protected Veteran Status/Disability

EEO is the Law Poster (The poster can be found at http://www.eeoc.gov/employers/upload/poster_screen_reader_optimized.pdf)

Level, Title and/or Salary may be adjusted based on the applicant's experience or skills.

Official description on file with Talent.