NRG Careers

Senior Security Analyst

Date Posted: Aug 5, 2020

Location: Houston, TX, US

Company: NRG

Job Description

NRG is the leading integrated power company in the U.S., built on the strength of our diverse competitive electric generation portfolio and leading retail electricity platform. A Fortune 500 company, NRG creates value through best-in-class operations, reliable and efficient electric generation, and a retail platform serving residential and commercial businesses. Working with electricity customers large and small, we implement sustainable solutions for producing and managing energy, developing smarter energy choices and delivering exceptional service as our retail electricity providers serve almost three million residential and commercial customers throughout the country.

More information is available at Connect with NRG Energy on Facebook and follow us on Twitter @nrgenergy.



  • This position will be responsible for securing, cloud computing infrastructure, internal network infrastructure and information assets from threats.  This position will have to work independently to identify and remediate potential threats, as well as work as part of a team to accomplish larger tasks and projects meeting company goals and objectives. 


Job Requirements: 

  • Must have knowledge of cloud computing security, deterrent controls, preventive controls, detective controls, and corrective controls.
  • Must have experience with cloud operational functions such as deploying serverless instances and managing roles, groups and users (Azure and AWS preferred).
  • Must be able to contribute to the design, integration, and testing of a suite of tools for security management of multi/single-tenant public cloud application services.
  • Must be able to collaborate with stakeholders using Agile process to ensure design, implementation, and continuous monitoring of cloud solutions across multiple domains.
  • Must have knowledge and experience with network flow data, security logging and monitoring tools/techniques, including: Intrusion Detection/Prevention (IDS/IPS), application firewall, security event incident management (SEIM/SIM/SEM) systems.
  • Must have working knowledge of network segmentation tools (firewalls, switches, routers, LAN/WAN, remote access).
  • Experience with multi-factor authentication concepts and products.
  • Ability to investigate intrusion and cyber incidents, collect incident responses, carry out network forensic investigations, and produce network analysis and incident handling documentation.
  • Ability to assess cyber indicators and prevent and/or mitigate the risk.
  • Ability to provide technical assessments of cyber threats and vulnerabilities.
  • Must work well independently, with other team members, as well as provide support to other departments including Audit and Legal.

Required Qualifications:

  • Bachelor’s degree with a concentration in computer science, management information systems or related field or 4+ years of equivalent experience?
  • Five years of experience in Information Technology industry, including experience in a large corporate IT environment or consulting.
  • Two years of experience in working with cloud technologies and securing cloud computing environments, including Amazon AWS and Microsoft Azure.
  • Ability to respond to critical issues on 24/7 basis as needed.
  • Ability to travel domestically approximately 10%.

Preferred Qualifications:

  • Experience level of knowledge of network infrastructure threats, and mitigation techniques.
  • Experience identifying and mitigating security gaps.
  • Experience working on and implementing changes on large networks.
  • Demonstrated ability to communicate (verbal and written) with all levels of internal and external customers.
  • Demonstrated presentation, planning, and organizing skills.
  • Experience with virus and intrusion containment and mitigation.
  • Demonstrated ability to work both independently and as a team member.
  • Demonstrated ability to set priorities and to respond to changing demands from multiple sources. Ability to exercise discretion and independent judgment in applying established techniques, procedures or standards.
  • Demonstrated ability to maintain confidentiality and handle sensitive information.
  • Demonstrated analytical and problem-solving skills.


Additional Optional Qualifications:

  • Knowledge of cloud infrastructure service broker.
  • Knowledge of scripting languages (e.g. Ruby, Perl, Python, etc.).
  • Knowledge of Web development and coding technologies and best practices (PHP, Java, JavaScript, AJAX).
  • Knowledge of zero-trust environment and its policy.
  • Knowledge of security network devices (firewalls, switches, SIEM, IPS/IPS, NAC, etc.) and security networking hardware/software tools.
  • Strong understanding of TCP/IP, subnetting, routing, access control lists, SPN, NAT, and network traffic analysis.
  • Familiar with Hard Drive encryption technologies and techniques.
  • Knowledge of security concepts and tools, including vulnerability scanners and detectors.
  • Experience with encryption tools and concepts including: PGP, PKI, and digital certificates.
  • Experience hardening services (OS, web, ftp, file, etc.) following best practices.
  • Experience with infrastructure security controls for SOX, PCI DSS, or NERC CIP.
  • Security certifications (CISSP, CISA, CCSP, or related).
  • Knowledge of network and application penetration testing tools/techniques.



NRG Energy is committed to a drug and alcohol free workplace.  To the extent permitted by law and any applicable collective bargaining agreement, employees are subject to periodic random drug testing, and post-accident and reasonable suspicion drug and alcohol testing. EOE AA M/F/Protected Veteran Status/Disability
EEO is the Law Poster (The poster can be found at

Level, Title and/or Salary may be adjusted based on the applicant's experience or skills.

Official description on file with Human Resources

Nearest Major Market: Houston