SCS Technology Security
Security Validation and Remediation Engineer
Job Description
Southern Company, a major U.S. energy firm, is seeking a seasoned cybersecurity professional with an engineering background to reduce risk as part of the Cyber Security Assurance Team. This hybrid role will directly support the company's efforts to mitigate real and potential cyber threats to the company's facilities, personnel, technology, operations, and brand - including critical electric and gas utility infrastructure and its privately owned telecommunications network. A successful applicant in this role will make substantive and measurable improvements to the security posture of numerous Southern Company technology environments and resources while shaping future architectures, toolsets, and cyber security strategy.
While Southern Company is headquartered in Atlanta, we bring energy to homes and businesses across the country. We have made our name as a leading producer of clean, safe, reliable, and affordable energy, and we approach each day as a vital step in building the future of energy. We are always looking ahead, and our innovations in the industry, from new nuclear to deployment of electric transportation and renewables, help brighten the lives and businesses of millions of customers nationwide. Our team is critical to building the future of energy with secure, resilient, and sustainable cyber solutions.
Position Overview:
This hybrid role is within the Southern Company Technology Security (TS) organization and reports directly to Southern Company's Cybersecurity Assurance Manager, working in support of the Controls Validation Team Lead. This "purple" technical teammate will leverage continuous control validation tools including breach and attack simulation to assess the security of multiple information environments, enable rapid hardening efforts when needed, and communicate any risks identified to enable resourcing and prioritization decisions. Additionally, this engineer will validate that a sampling of complex and critical technology solutions deployed in our IT, OT, and multi-cloud environments were securely implemented per the approved design, assisting other technology teams in hardening/remediating new or in-service systems per Southern Company technology requirements and security best practices. This engineer will be a key player in our efforts to reduce security risk over time.
The role can currently be performed largely remotely with some in-office presence required; in-office expectations may increase over time depending on Company policy.
Job Responsibilities:
Operate Southern Company's breach and attack simulation (BAS) capability, other control validation solutions, and available logging to validate security controls and processes, continuously evolving usage to expose any gaps that could be leveraged by advanced threat actors
Collaborate extensively across the TS team with other SMEs and security solution owners, particularly with our Digital Defense Center
Using company credentials, authorized system access, and Southern security tools, perform technical validation for selected Southern Company technology solutions
Assess implemented system design, configurations, architecture, and associated cyber security controls; compare to approved design and Company policies/requirements
Document and communicate any discrepancies to Assurance leadership, principal security architects, and technology stewards in a manner that conveys both the significance of any risks identified and an understanding of related business impact. Educate related business owners about the "why" of often complex cybersecurity topics
In partnership with both Red and Blue teams, lead, perform, and/or facilitate hardening or remediation efforts for misconfigurations, instances of non-compliance, and/or security risks
As an "Assurance Ambassador," build and sustain relationships with key technology stewards/engineers/administrators for the purpose of improving our overall security posture
Assist with defining/establishing hardened configurations for newly built or legacy technologies
Maintain current knowledge of information security concepts, technologies, and adversary tactics
Directly enable Southern Company's high performance and inclusive culture through your engagement, collaboration, and behavior
Small amount of travel optional for professional development
Requirements and qualifications:
Demonstrated tenacity in problem-solving: the ideal candidate will possess a relentless drive to investigate cybersecurity issues and threats with meticulous attention to detail until they are fully resolved and mitigated. Candidate must be persistent, curious, and dedicated to chasing down leads by analyzing complex security data, uncovering root causes that can enable us to maximize our cyber defenses
3+ years of on-keyboard technical experience in one of the following areas required: technology and infrastructure administration, system integration work, network architecture and engineering, firewall management, identity and access management, server operations and support, security operations/analysis, or administration of enterprise security technologies
Working knowledge or familiarity with environments and solutions hosted in one major public cloud service provider (Azure, AWS, Google, Oracle) required
Azure or Oracle Cloud knowledge/familiarity desired
Clear understanding of the Common Vulnerability Scoring System (CVSS) required
One or more of the following certifications is required: CISSP, CASP, CCSP, CISM, GIAC, CCNA, NetApp Certified Data Administrator (ONTAP), CompTIA (Advanced Security Practitioner or Cloud+), public cloud architecture certification (e.g., Azure Solutions Architect), MCSE, RHCE, CCIE.
Must have demonstrated critical, independent thinking; ability to conceive and present creative solutions
Must have knowledge and understanding of information security concepts and best practices
Must be able to collaborate with a variety of technical teams to achieve project goals
Scripting skills (e.g., Python, Perl) highly desired to automate tasks or collect data
Energy industry experience desirable
Prior experience advocating security policies, practices, controls, and standards to business and IT teams, balanced with an understanding of business requirements, is desired
Experience participating as a stakeholder in a security risk management program is desired
Familiarity with the NIST Cyber Security Framework is desired
US citizenship required
Must pass NERC Critical Infrastructure Protection & Insider Threat Program background checks due to the need to routinely access sensitive information and critical systems
Southern Company (NYSE: SO) is a leading energy provider serving 9 million residential and commercial customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy infrastructure company with national capabilities, a fiber optics network, and telecommunications services. Through an industry-leading commitment to innovation, resilience, and sustainability, we are taking action to meet our customers' and communities' needs while advancing our commitment to net zero emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture and hiring practices have earned the company national awards and recognition from numerous organizations, including Forbes, Military Times, DiversityInc, Black Enterprise, J.D. Power, Fortune, Human Rights Campaign and more. To learn more, visit www.southerncompany.com.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 4499
Job Category: Cybersecurity
Job Schedule: Full time
Company: Southern Company Services