Operational Technology Cyber Security Engineer/Analyst
Description
Operational Technology Cyber Security Engineer/Analyst
Southern Company Services, I&C Systems & Field Support
WORK LOCATION
This position will be based out of Birmingham, AL or Atlanta, GA, however candidates living outside of the area may be considered with the expectation that they could successfully telework and would be willing to travel to work and/or field location on a routine (to be determined) and as-needed basis.
Relocation is not offered for this position.
Travel expectations - approximately 25% per year, to include both office and field locations as dictated by business need.
Majority of work can be performed remotely (telework/work from home).
POSITION SUMMARY
This position supports the Operational Technology (OT) Cyber Security group within the Technical Services I&C Systems and Field Support Organization of T&PS. This position supports the Generation Cyber Security Program and NERC CIP requirements.
This position will serve as administrative support for the Southern Kiosk Defender (SKiD) environment and respond to positive detections on the SKiDs. The SKiD is a hardware appliance that scans removeable media for malware. This role will also monitor vulnerabilities for Generation OT environment and provide initial triage to Cyber Security Incident Response Plan activations. A substantial portion of this role is spent documenting and writing reports.
This role will also perform duties ranging from cyber assessments at plant sites focusing on CIP and Cyber SOEs, cyber security reviews for new projects, developing technical documentation, and participating on project teams as needed based on upcoming regulations.
KEY JOB RESPONSIBILITIES
Manage Incident Response Log and provide initial triage for Incident Response Plan (IRP) activations.
Develop SME status for Southern Kiosk Defender (SKiD) management console, architecture, troubleshooting, etc. Respond to positive SKiD detections. Follow mitigation steps as applicable.
Review and provide direction on vulnerabilities within OT environment, as applicable.
Understand the Generation Cyber Security Program and Policies that apply to all Generation facilities.
Understand the NERC CIP requirements for assets containing Low Impact BES Cyber Systems.
Deliver a cohesive and consistent message about the Program, Policies, and Requirements when interacting with customers and colleagues.
Lead site assessments regarding Policies and Requirements. Document cyber assessment in formal report.
Provide technical analysis by conducting Cyber Security Reviews for T&PS managed and plant managed projects.
Develop and maintain technical documentation such as reports, network diagrams, etc.
Participate on project teams as needed to implement NERC CIP requirements.
Monitor IR and SKiD mailboxes and provide prompt response to requests.
Travel Required for position - approximately 25% per year.
POSITION QUALIFICATIONS
Education & Experience:
Bachelor's degree from an accredited university in Engineering, Computer Science, or Information Systems is preferred.
Technical Certifications and/or work experience may be considered in lieu of a degree.
I&C field and/or plant experience is a plus.
Knowledge, Skills & Abilities:
Detail oriented.
Strong written and oral communication skills.
Ability to draft technical reports based on assessment findings.
Experience working with audit documentation and processes.
Effective interpersonal skills and ability to create and maintain positive working relationships.
Strong teamwork and customer focus.
Working knowledge of Industrial Control System (ICS) communications and SCADA principles.
Knowledge of data communication principles, network topology, and networking protocols is preferred.
Knowledge of IT and OT cyber security tools is preferred.
Experience with enterprise class network and security infrastructure a plus.
Ability to classify priorities and escalate issues based on severity.
Proficiency in Microsoft Office, specifically Excel.
Ability to work with limited direction and contribute individually.
Experience researching vulnerabilities for ICS equipment.
Knowledge of incident handling procedures
BEHAVIORAL ATTRIBUTES
Action oriented, completes work in a timely manner and drives issues to resolution.
Demonstrate Southern Company Values - Safety First, Unquestionable Trust, Superior Performance, and Total Commitment.
Safety focus and a strong personal safety record.
BENEFITS
Competitive Pay
Excellent benefits packages which includes:
Medical and dental coverage
Defined Pension/Cash Balance Benefit Plan
Performance-sharing plan
401(k) plan with a generous company match
Bonus opportunities
Tuition Reimbursement
*Please submit an updated resume with your application*
Southern Company (NYSE: SO ) is America's premier energy company, with 46,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million customers through its subsidiaries . The company provides clean, safe, reliable and affordable energy through electric operating companies in four states, natural gas distribution companies in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications . Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top energy companies in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at www.southerncompany.com .
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
#LI
Job Field: Engineering
Job Type: Standard
Primary Location: Alabama-Metro Birmingham/Eastern AL-Birmingham
Operating Company: Southern Company Services
Other Locations: Alabama, United States, Georgia-Metro Atlanta-Atlanta, Georgia
Job Type: Standard
Travel (Up to...): Yes, 25 % of the Time
Work Location(s):
The Energy Center - 3535 Colonnade Parkway (3535Birmingham)
3535 Colonnade Parkway
Birmingham, 35243
Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)
241 Ralph McGill Blvd. NE
Atlanta, 30308
Req ID: SCS2010974
