IT Cyber Security Network Detection Engineer
Description
Work location: Georgia Power Corporate Headquarters in Atlanta, GA
JOB SUMMARY
This position will support our Security Operations Center (SOC) by engineering new threat detections so that our SOC analysts can monitor and respond to cyber security activity across Southern Company's IT and OT networks.
As a Network Detection Engineer you will be responsible for developing and continuously improving detection capabilities across OT and IT networks. You'll act as the SME for our detections related to network traffic, firewalls, and IDS. You'll advise the Detection Engineering team on where to deploy detection capabilities within the security alerting stack.
You'll coordinate with device owners to leverage device detections efficiently, while enriching existing detections and fortifying our environment based on the Mitre ATT&CK framework.
JOB REQUIREMENTS
A formal education in Computer Science or a related field, or equivalent experience in IT Security related roles is required for this position.
Minimum 1 year working in or supporting a Security Operations Center (SOC) required
Minimum 1 year supporting IT infrastructure or Information Security devices/technologies
Intrusion Detection, Ethical Hacking, and Monitoring certifications a plus (GCIA, CEH, GMON, OSCP, etc.)
Intermediate knowledge supporting Security Information and Event Management platforms such as Splunk and Splunk Enterprise Security App
Intermediate experience developing & managing content within an Enterprise Security Manager application: including dashboards, risk-based alerting, active channels, reports, correlation rules, filters, trends, network models, etc.
Advanced knowledge of networking protocols and addressing schemes, i.e., TCP/IP functions, CIDR blocks, subnets, addressing, communications, etc.
Advanced knowledge of network detection and defense technologies and appliances such as Corelight, Palo Alto, F5, Suricata, Snort, and Bro (Zeek).
Comprehensive working knowledge of Linux, Unix, and Windows OS
Scripting skills such as Perl, Python, and/or Shell scripting are a plus.
Database skills with MySQL, SQL, Oracle are preferred
Experience with and understanding of the Mitre ATT&CK framework or Lockheed Martin Cyber Kill Chain
Experience working with regular expressions is a plus.
Excellent problem solving and analytical skills; ability to solve complex technical issues
Strong customer service skills
Exhibit initiative, follow-up and follow through with commitments
Ability to support and work in a team environment
Strong technical writing skills
Ability to manage multiple tasks and priorities in a high-pressure environment
Working knowledge of Southern Company infrastructure is a plus
MAJOR JOB RESPONSIBILITIES:
Be a subject matter expert on security use cases and detection techniques for network traffic events
Utilize broad knowledge of security operations, intrusion detection, and security logging to integrate detection use cases into the environment
Perform tuning and root cause analysis to increase efficacy of existing use cases and reduce false positives
Participate in use case development sprints, submitting code and peer-reviewing other team members' code submissions.
Interface with SOC analysts to explore new use cases, educate them on new detections, and serve as a subject matter expert for network-based detections with regard to SOC response procedures
Disclaimer:
This information describes the general nature and level of work performed by employees in this job. The description is not designed to be a comprehensive inventory of duties, responsibilities and qualifications required in the job. Reasonable accommodations may be made to qualified disabled individuals for performance of essential duties and responsibilities.
Southern Company (NYSE: SO) is America's premier energy company, with 46,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million customers through its subsidiaries. The company provides clean, safe, reliable and affordable energy through electric operating companies in four states, natural gas distribution companies in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications. Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top energy companies in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at www.southerncompany.com.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Field: Information Technology
Job Type: Standard
Primary Location: Georgia-Metro Atlanta-Atlanta
Operating Company: Southern Company Services
Travel (Up to...): No
Work Location(s):
Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)
241 Ralph McGill Blvd. NE
Atlanta, 30308
Req ID: SCS2010483