Security Architect, Specialist
Company: Southern Company
Location: Birmingham, AL
Type: Full Time
Job Description
Description
At Southern Company, our core objective is to ensure a safe and reliable computing environment for the consumers of our services, both internally and externally. Our complex environment generates a constant stream of challenges which require continual innovation with an evolving set of technologies. Keeping the network safe and reliable ensures that our users stay connected with our applications, products and services. Southern Company is committed to supporting the professional development and growth of its employees and fosters an environment of diversity, equity, and inclusion.
Position Overview:
Southern Company is seeking a passionate and experienced Threat Assessment Architect to join our Technology Security organization. This is a hands-on leadership role that will support the manager in directing and overseeing activities focused on proactively searching for exposed risks and evidence of suspicious behavior, adversarial behavior, or unauthorized access to network and systems. This role will support day-to-day continuous vulnerability management operations and assessments, attack surface and risk exposure assessments, cyber threat hunting operations, operationalization of threat intelligence for cyber defense operations, and collaboration with other Technology Security teams and stakeholders. Work outputs will support implementation of security technologies and controls to improve defensive posture, implementation of processes in support of investigations, and development of detection capabilities.
The ideal candidate will be able to align strategy and execution to increase cybersecurity maturity, anticipate future requirements, drive initiatives via influence and relationships into business processes, keep up with current security trends, be focused on results, and be a self-starter.
Qualifications:
- Bachelor's degree in computer science, technology, engineering or security-related field or equivalent experience
- Minimum 7 years IT security experience, 5 years with Master's degree, or equivalent experience
- Demonstrated experience in security operations, including vulnerability management, SOC and security monitoring, incident response, host/network forensics, penetration testing, cyber threat intelligence, malware analysis, or security consulting
- Ability to assess vulnerabilities and deviations from standard configuration baselines
- Advanced knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, code injection, race conditions, covert channel, replay, return-oriented attacks)
- Demonstrated ability to work outside of the standard enterprise tools and alerts to identify adversarial behavior and conduct attack surface assessments
- Understanding and familiarity with different operating systems (e.g., Windows and LINUX/UNIX systems)
- Broad knowledge of core information security principles (e.g., access control, least privilege, data integrity) and security capabilities
- Familiar with threat intelligence lifecycle and adversary TTPs, including Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APT, or Insider Threat is ideal
- Experience drafting or supporting the development of security processes and procedures for security operations as well as organizational security standards and policies
- Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments
- Capable of understanding large amounts of data, identifying significant risks to business operations, and consolidating that information into easy-to-understand summaries. Tracks relevant information and develops strategies to remediate risks
- Ability to effectively collaborate with stakeholders across an enterprise environment
- Solid verbal and written communication skills required
- Exemplify a leadership approach focused on building, inspiring, and developing outstanding teams.
- Construct and carry out a strategic vision for rigorous and scalable security controls with key performance indicators.
- Serve as a trusted advisor to our stakeholders, by designing security solutions, for better security and business enablement.
- Align forward thinking strategy with business goals to integrate and raise the bar on security practices and solutions.
- Advise development of program objectives, priorities, and strategy
- Work with manager to identify and track specific metrics and outcomes to demonstrate team value proposition
- Lead, design and conduct structured, hypothesis-driven threat hunting engagements and attack surface assessments
- Support and drive prioritization of remediation activities for vulnerabilities identified in assets, devices, and applications
- Leverage threat actor and offensive techniques to identify flaws and vulnerabilities in enterprise systems, networks, and applications that can be exploited by threat actors.
- Maintain knowledge of the current security threat landscape by monitoring related internet postings, intelligence reports and other sector specific sources as necessary
- Collect and analyze data from multiple sources and tools to assess risk exposure and discover evidence of anomalies or adversarial behavior
- Work alongside Cyber Threat Intelligence team to evaluate and gain knowledge regarding threat actor behaviors, TTPs, known exploited vulnerabilities, and cyber threat landscape
- Advise and support implementation of security controls and solutions to improve defensive capabilities based on lessons learned from hunting engagements
- Partner with Threat Analysis and Incident Response teams to create initiatives focused on evaluating threat actors' techniques and identifying solutions to improve defensive capabilities
- Mentor others to strengthen cybersecurity principles and best practices to outside operational areas.
- Apply strong leadership and strategic thinking to a diverse set of opportunities and challenges.
- Establish and maintain excellent working relationships and partnerships across the Technology Organization functions, business partners, and external vendors and suppliers.
- Assist manager with development of presentations and communication pieces for key stakeholders and senior leadership regarding hunting engagements, identified anomalies, suspicious activity or other potential threats
- Present and communicate outcomes of team engagements and assessments with key stakeholders and business partners
- Create an environment that fosters accountability, innovation, and engagement at all levels.
- Act as a student of the business and technology, anticipating future needs and shifts in technology and energy industries.
- Appreciate and leverage the valuable inputs that come from diverse backgrounds and individual differences.
- Demonstrate Southern Company values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment
- Must be willing and able to obtain and maintain US government security clearance
- Required to submit to a thorough background examination
- Strong technical consulting experience: ability to understand business requirements and present appropriate solutions
- Ability to work independently or within a team
- Demonstrated ability to influence management and key stakeholders
- Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions
- Strong oral and written communication skills, and the ability to communicate very complex or risk-related concepts to technical and non-technical audiences
- Experience with integrating and optimizing technologies and solutions
- Must pass NERC CIP & Insider Threat Protection background checks
- One or more relevant industry certifications (GSEC, CISSP, GCIA, GMON, GCFA, GCFE, GREM, CEH, OSCP)
- Occasional travel to local and regional locations in pursuit of the job duties and requirements
Southern Company (NYSE: SO) is America's premier energy company, with 46,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million customers through its subsidiaries. The company provides clean, safe, reliable and affordable energy through electric operating companies in four states, natural gas distribution companies in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications. Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top energy companies in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at www.southerncompany.com.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Field: Information Technology
Job Type: Standard
Primary Location: Alabama-Metro Birmingham/Eastern AL-Birmingham
Operating Company: Southern Company Services
Other Locations: Georgia-Metro Atlanta-Atlanta
Travel (Up to): Yes, 25 % of the Time
Work Location(s):
The Energy Center - 3535 Colonnade Parkway (3535Birmingham)
3535 Colonnade Parkway
Birmingham, 35243
Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)
241 Ralph McGill Blvd. NE
Atlanta, 30308
Req ID: SCS2010860
Date Posted: 10/14/2022