Southern Company IT Security- Fusion Center Team Lead in Atlanta, Georgia

IT Security- Fusion Center Team Lead



A leading U.S. energy company seeks an IT security professional to join an Insider Threat Fusion Center in a technical leadership role. The candidate will directly support the company’s efforts to address real and potential insider threats to the company’s facilities, personnel, technology, operations, and brand. The selected candidate will serve as the Fusion Center Team Lead charged with: 1) managing the analytical work of the team, 2) advancing technical capabilities, and 3) coordinating programmatic elements with other company stakeholders.

The Team Lead will leverage his/her background in leading others, managing technology/cybersecurity projects, program management, and cyber-physical threat analysis to identify and track potential insider threat activity, primarily using digital data sources. The successful applicant should have a demonstrable track record of successfully teaming with other organizational components to identify and mitigate risk in both the technology and human domains. The Team Lead will deliver clear and concise assessments, briefings, and reports to partners and executive leadership. The Team Lead will also need to understand operational risks at the corporate level and develop relationships across the company that will support coordinated response strategies based on the company’s Insider Threat Mitigation Program plan. The position will report to the Manager of Advanced Threat Hunting and Deterrence within the Threat Management and Intelligence Department.


  • Spend about 50% of his/her time leading the Fusion Center Team in performing threat analysis, documenting and presenting findings, and improving existing methodologies for technical threat assessment

  • Spend about 50% of his/her time managing the programmatic aspects of the Fusion Center, including IT projects to create new capabilities

  • Lead the day-to-day operations of the Insider Threat Fusion Center

  • Lead the deployment of innovative data correlation tools and practices

  • Lead efforts to monitor and track activity that crosses risk thresholds and conduct inquiry to classify activity for further investigation and resolution

  • Understand and utilize relevant data sets, analytic techniques, and visualization tools to assimilate and interpret sources from across the company and identify potential insider threat behavior

  • Compare analytic results against known tactics, techniques and procedures historically associated with advanced insider threats

  • Communicate alerts on potential insider activity to cross-functional teams

  • Coordinate with working-level representatives to Fusion Center from key organizations such as human resources, general counsel, compliance, etc. for information sharing, situational awareness and determination of responsive action on insider threats

  • Lead the implementation of workflows for insider threat evaluations

  • Lead the production of defined-scope threat assessments to assist in mitigating identified insider vulnerabilities

  • Manage data loss prevention (DLP) capabilities to mitigate corporate risk

  • Provide operational and programmatic briefings to management

  • Support definition, monitoring, and reporting of effectiveness metrics on an ongoing basis



  • BA/BS in computer science, technology, engineering or security-related field or equivalent experience

  • Minimum of five (5) years of relevant professional security experience, or three (3) years with Master’s degree

  • Independent thinker with strong analytical and problem-solving skills

  • Prior team leadership in a technology environment

  • Experience leading the enterprise deployment of new analytic tools in an IT environment

  • Understanding of best practices for detecting and classifying insider threats

  • Familiarity with behaviors and indicators, both physical and information systems-related, associated with insider threats

  • Demonstrated expertise using multiple analytic methodologies, programs, and tools in support of cyber and human threat analysis

Preferred Qualifications

  • Experience in security operations center environment

  • Experience communicating with senior stakeholders inside and outside the company

  • Insider Threat or Information Security certification such as ITPM or CISSP

  • Familiarity with insider threat-focused tool sets

  • Knowledge of best practices for tuning cybersecurity technologies to maximize probability of insider threat detection while minimizing false positives

  • Experience using DLP and User Behavioral Analytics (UBA) tools

  • Familiarity with global threats to the energy sector


Southern Company (NYSE: SO) is America's premier energy company, with 46,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million customers through its subsidiaries . The company provides clean, safe, reliable and affordable energy through electric operating companies in four states, natural gas distribution companies in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications . Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top energy companies in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Field: Information Technology

Job Type: Standard

Primary Location: Georgia-Metro Atlanta-Atlanta

Operating Company: Southern Company Services

Job Type: Standard

Travel (Up to...): Yes, 25 % of the Time

Work Location(s):

Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)

241 Ralph McGill Blvd. NE

Atlanta, 30308

Req ID: SCS2007694