Southern Company Security Risk & Compliance Analyst in Atlanta, Georgia
Security Risk & Compliance Analyst
Purpose: This position supports the Southern Company Gas information security program to ensure the company’s information and critical infrastructure assets are adequately protected. The incumbent will collaborate with gas utility and commercial business units to define and implement business security requirements and goals, and to identify and resolve business security issues. The position also supports cyber security compliance programs in response to applicable regulations.
Education / Experience:
Possess a broad-based and in-depth knowledge of information security methodologies, tools, technologies and best practices and how they relate to the organization
Ability build strategic partnerships with key business leaders and influence them to invest appropriately in cybersecurity controls.
7 years experience in positions directly related to cybersecurity, risk assessments, and/or security consulting expertise
Experience conducting assessments of business security programs aligned with NIST Cybersecurity Framework and influencing business units to remediate gaps
Background experience with security technology administration ( e.g. firewalls, identity & access management, malware detection, remote access, system hardening, logging and monitoring)
Familiar with operational technology control system security and nation state sponsored threats
A bachelor’s degree in Engineering, Computer Science or related field
Industry certifications highly preferred (CISSP, CISA, CISM, GIAC)
Serves as subject matter expert in specialized aspects of information security and emerging and advanced technologies
Supports Southern Company Gas business units to ensure their data and systems are adequately protected from relevant threats.
Leads and collaborates with cross-functional IT and business unit teams across Southern Company to define, implement, manage cybersecurity controls aligned with business requirements
Engages with business units (e.g. regulatory, engineering, HR, legal, customer care, and training) to evaluate and implement security process to protect customer and employee data
Engages with Gas Operational Technology teams to support technology security controls
Conducts regular security program assessments and executes program updates as necessary to ensure compliance with all company policies and procedures as well as adapt to changing cyber threats and regulatory requirements
Consults with IT and business units on technology acquisitions and/or design of complex and/or strategically significant information security projects, emerging technologies, or technology-related services before they are implemented
Supports enterprise in all aspects of information security administration; trusted to handle confidential situations and data; conducts investigations and analysis as directed
Coordinates with corporate security to ensure cohesive security plans, coordinate audit and compliance efforts, and to identify and control risks of blended physical and cyber attacks
Must be able to pass background requirements and Insider Threat Program requirements
This position requires frequent (up to 10%) travel to office locations. Overnight travel is expected.
Southern Company (NYSE: SO) is America's premier energy company, with 44,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million electric and gas utility customers through its subsidiaries. The company provides clean, safe, reliable and affordable energy through electric utilities in four states, natural gas distribution utilities in seven states, a competitive generation company serving wholesale customers across America and a national recognized provider of customized energy solutions, as well as fiber optics and wireless communications. Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top utilities in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at www.southerncompany.com.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Field: Information Technology
Job Type: Standard
Primary Location: Georgia-Metro Atlanta-Atlanta
Operating Company: Southern Company Services
Job Type: Standard
Travel (Up to...): Yes, 25 % of the Time
Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)
241 Ralph McGill Blvd. NE
Req ID: SCS2009182