Cybersecurity
Cloud Identity Security Analyst
Position Summary:
The Cybersecurity organization is seeking a Cloud Identity Security Analyst to assist in the application integration, security hardening, and tenant management duties of the cloud identity team.
The successful candidate will have responsibility for maintaining and advising the direction of Southern Company’s cloud-based identity providers (IDPs). Primarily, this role will focus on Microsoft Entra ID and Oracle Identity Cloud Service (IDCS). Effort will be directed towards integration with cloud-based apps, hardening and risk reduction, coordination with on-premises identity, as well as connectivity with other cloud-based IDPs. Qualified candidates need to be able to interact with services vendors, align strategy and execution to increase IAM maturity, anticipate future requirements for complex environments, keep up with current security trends, be focused on results, and be a self-starter.
This role will directly support the company’s efforts to mitigate real and potential cyber threats to the company’s facilities, personnel, technology, operations, and brand – including critical electric and gas utility infrastructure and its privately owned telecommunications network.
Southern Company is headquartered in Atlanta and we bring energy to homes and businesses across the country. We’ve made our name as a leading producer of clean, safe, reliable and affordable energy, and we approach each day as a vital step in building the future of energy. We’re always looking ahead, and our innovations in the industry – from new nuclear to deployment of electric transportation and renewables – to help brighten the lives and businesses of millions of customers nationwide. Our team is critical to building the future of energy with secure, resilient, and sustainable cyber solutions.
Defend. Protect. Enable.
Job Responsibilities:
Architecture, integration, lifecycle, and future planning for Microsoft Entra ID and Oracle IDCS identity providers. Creation and lifecycle of cloud-native identities such as Service Principals and App Registrations. Integration of applications using cloud-native identity protocols such as SAML, Oauth, or OpenID. Implementation of new security feature sets to address modern risks such as FIDO/Passkeys. Triage and escalation of cloud identity issues – with the technology and with individual business partners. Build automations where possible to facilitate repeat work or reporting within the cloud environments. Mentoring others in the area of IAM, cloud identity, and modern authentication principles and best practices. Serve as a trusted advisor to our stakeholders, by designing security solutions, for improved security and business enablement. Maintain various controls to meet regulatory requirements, including but not limited to Sarbanes-Oxley (SOX), FERC and NERC. Monitor, forecast, and prepare for new regulatory requirements or cloud technology changes. Aid in the development of standards and polices for the IAM program. Enhance processes to facilitate improved operational efficiencies, risk mitigation, and customer interactions. Lead and deliver cloud identity projects in scope, on time, and within budget. Provide expertise to assist in the development of Southern Company’s security architecture – identify areas of opportunity, research alternatives, and recommend solutions.
Requirements and qualifications:
Required:
Experience managing cloud-native identity providers, specifically Microsoft Entra ID and Oracle IDCS. Experience with cloud application integrations using SAML or OpenID. Experience with OAuth IDs (Service Principals), their configuration, lifecycle, and long-term risk management. An understanding of cloud role-based access controls and their unique differences from on-prem. Ability to leverage user dynamic risk, progressive authentication, self-service. Knowledge of modern authentication methods e.g. FIDO, Biometrics, Passwordless. Knowledge of cloud entitlement management and best practices. Must pass NERC CIP & Insider Threat Protection background checks.
Desired:
Technical knowledge with the following concepts: On-premises SSO, Active Directory, Privileged Account Management, PKI A solid understanding of IAM related protocols and standards such as:SAML, OAuth/OIDC, SCIM, FIDO, RADIUS, LDAPS, Kerberos. Strong verbal communication, and presentation skills. Competency in APIs (Rest, Graph) and/or JavaScript/Python/JSON/SQL. Experience prioritizing and executing with minimal direction or oversight. Industry certifications such as: CISSP, CCSP, CISA, GIAC, OSCP, CRISC, CCNP, etc. Experience with information security frameworks such as: COBIT, NIST, OWASP, etc. Familiarity with nation state, sophisticated criminal, and supply chain threats.
This position falls under the company’s Insider Threat Program and will have access to, and control over sensitive data, systems or assets. Enhanced personnel screening, which includes a background review, drug screen and psychological assessment, will be required if you are selected for this position