NRG Energy, Inc. SENIOR SECURITY ANALYST in Princeton, New Jersey

NRG is the leading integrated power company in the U.S., built on the strength of our diverse competitive electric generation portfolio and leading retail electricity platform. A Fortune 500 company, NRG creates value through best-in-class operations, reliable and efficient electric generation, and a retail platform serving residential and commercial businesses. Working with electricity customers large and small, we implement sustainable solutions for producing and managing energy, developing smarter energy choices and delivering exceptional service as our retail electricity providers serve almost three million residential and commercial customers throughout the country.

More information is available at www.nrg.com. Connect with NRG Energy on Facebook and follow us on Twitter @nrgenergy.

Responsibilities:

This position will be responsible for securing the network infrastructure and information assets from threats. This position will have to work independently to identify and remediate potential threats, as well as work as part of a team to accomplish larger tasks and projects meeting company goals and objectives.

Job Requirements:

  • Must have knowledge and experience with network flow data, security logging and monitoring tools/techniques, including: Intrusion Detection/Prevention (IDS/IPS), application firewall, security event incident management (SEIM/SIM/SEM) systems

  • Must have knowledge of how to protect systems by defining access privileges, control structures, and resources

  • Must have knowledge of Windows and *nix Server hardening, as well as client OS hardening

  • Must have knowledge of Windows security tools, products, and concepts including, Active Directory, and Group Policy.

  • Must have knowledge of current virus/malware threats, virus breakout mitigation and prevention.

  • Must have working knowledge of network concepts, architectures, protocols and services (OSI-model, TCP/IP, major application protocols such as DNS, DHCP, RADIUS, SMB, FTP, SFTP, SSH, etc) on both Windows and *nix platforms

  • Must have working knowledge of network segmentation tools (firewalls, switches, routers, LAN/WAN, remote access)

  • Knowledge of third party security tools including Anti Virus (Trend Micro, Symantec, Forefront) and web filter proxies.

  • Experience with multi-factor authentication concepts and products

  • Experience with automated patching solutions (WSUS or equivalent)

  • Familiar with industry security websites and vulnerability disclosure reports (Mitre, SANS, Security Focus, Microsoft, Cisco)

  • Experience working in a regulatory environment (SOX, PCI DSS, NERC CIP or equivalent)

  • Familiar with forensic investigation tools and techniques, as well as chain of custody

  • Ability to develop strategic technical documentation and written communications relative to field of expertise (technical designs, Security Policies, standards documents, procedural documents)

  • Ability to create different ways to solve the existing threats and security issues

  • Ability to implement security improvements by assessing current situation, evaluating trends, and anticipating requirements

  • Ability to investigate intrusion and hacking incidents, collect incident responses, carry out network forensic investigations, and produce network analysis and incident handling documentation

  • Ability to assess cyber indicators and prevent and/or mitigate the risk

  • Ability to provide technical assessments of cyber threats and vulnerabilities

  • Must work well independently, with other team members, as well as provide support to other departments including Audit and Legal

  • Ability to respond to critical issues on 24/7 basis as needed

  • Ability to travel domestically approximately 10%

Required Qualifications:

  • Minimum of five years of experience in Information Technology industry, including experience in a large corporate IT environment or consulting.

  • Experienced level of knowledge of network infrastructure threats, and mitigation techniques required

  • Experience identifying and mitigating security gaps

  • Experience working on, and implementing changes on large networks

  • Demonstrated ability to communicate (verbal and written) with all levels of internal and external customers.

  • Demonstrated presentation, planning, and organizing skills.

  • Experience with virus and intrusion containment and mitigation

  • Demonstrated ability to work both independently and as a team member.

  • Demonstrated ability to set priorities and to respond to changing demands from multiple sources. Ability to exercise discretion and independent judgment in applying established techniques, procedures or standards;

  • Demonstrated ability to maintain confidentiality and handle sensitive information

  • Demonstrated analytical and problem solving skills.

Additional Optional Qualifications:

  • Bachelor s degree with a concentration in computer science, management information systems.

  • Knowledge of security network devices (firewalls, switches, SIEM, IPS/IPS, NAC, etc.) and other security networking hardware/software tools including Fortinet Fortigate security appliances and Forescout CounterAct.

  • Strong understanding of TCP/IP, subnetting, routing, access control lists, SPN, NAT, and network traffic analysis

  • Experience and knowledge of securing cloud computing environments including Amazon AWS and Microsoft Azure.

  • Familiar with Hard Drive encryption technologies and techniques

  • Knowledge of security concepts and tools, including vulnerability scanners and detectors like Nmap, Nessus, Paros, WebInspect, Secunia, etc.

  • Experience with encryption tools and concepts including: PGP, PKI, and digital certificates

  • Experience hardening services (web, ftp, file, etc.) following best practices

  • Experience with infrastructure security controls for Sarbanes Oxley, PCI DSS, and/or NERC CIP

  • Linux scripting experience (e.g. Ruby, Perl, Python, etc.)

  • Knowledge of Web development and coding technologies and best practices (PHP, Java, Javascript, AJAX)

  • Security certifications (CISSP, CISA or related)

  • Knowledge of network and application penetration testing tools/techniques

#SF-IND

#LI-RA

NRG Energy is committed to a drug and alcohol free workplace. To the extent permitted by law and any applicable collective bargaining agreement, employees are subject to periodic random drug testing, and post-accident and reasonable suspicion drug and alcohol testing. EOE AA M/F/Protected Veteran Status/Disability

EEO is the Law Poster(The poster can be found athttp://www.eeoc.gov/employers/upload/posterscreenreader_optimized.pdf)

Level, Title and/or Salary may be adjusted based on the applicant's experience or skills.

Official description on file with Human Resources