Title: Cybersecurity Analyst  

Location: 

The Energy Center - 3535 Colonnade Parkway 

3535 Colonnade Parkway 

 Birmingham 35243

Status: Full-time employee   

Department Name: Specialized Cyber Security Engineering    

                        

Purpose: Southern Company is seeking a passionate and capable Network Security Engineer to join our Cybersecurity organization.  This position will support Southern Company’s Specialized Cyber Security information security program to ensure information and Operational Technology (OT) assets are adequately protected.

 

The successful applicant will collaborate with Generation, Transmission, Gas, PowerSecure, and commercial business units to define and implement business security requirements and goals.  This position partners with other business unit SMEs to identify and resolve business security issues and enhance defenses of Southern Company’s OT cyber assets.  The position also supports information security compliance programs in response to regulations such as NERC, FERC, TSA as well as other state, local, and federal security requirements.

 

Education / Experience:       

Possess an in-depth knowledge of information security methodologies, tools, technologies, and best practices and how they relate to the organization.  Ability to troubleshoot and resolve problems in a systematic and logical manner and maintain good communication with all relevant parties throughout troubleshooting process. Strong experience in Firewall Technologies, including hands-on experience in providing firewall support, installation, and analysis of infrastructure communication. Understand key firewall concepts including but not limited to VPN, NAT, Threat prevention, URL Filtering, application filtering, etc.  Well versed in networking and routing concepts Excellent problem solving and analytical skills; ability to solve complex technical issues 5+ years’ experience in positions directly related to cyber security infrastructure support, information security, information technology, and/or consulting expertise 3+ year’s direct administration of any of the following firewall solutions: Palo Alto Firewalls / Panorama Cisco FirePower Firewalls / FMC

 

Job Responsibilities: 

Develop requirements for firewall rule implementation including source and destination IPs, Ports, Transport Protocol  Configure, install, and support network and firewall infrastructure following a mature change management and development process Provide security oversight and governance for network and firewall infrastructure including firewall rulesets, intrusion prevention policies, exception requests, etc.  Work with an experienced team of network and security engineers to perform vulnerability and fault analysis on devices to develop and implement remediation and recovery plans Perform root cause analysis of issues and make appropriate recommendations to avoid future failures Develop and maintain high-level and low-level design documentation including network diagrams within Microsoft Visio Support Operational Technology (OT) and the enterprise in all aspects of information security administration Comply with regulations and security best practices while handling confidential situations and data Conduct investigations and analysis as directed Engage with TO and business units to evaluate and implement security process for critical infrastructure and key resources Provide governance and oversight of business unit security activities to ensure compliance with all corporate information security policies and procedures Establish and execute program updates as necessary to adapt to the changing threat landscape as well as local, state, and federal security requirements Assist in the ongoing development of Southern Company's OT security architecture to identify areas of opportunity and partner with architects to research alternatives and recommend solutions Perform security testing and audits to identity vulnerabilities and resolve weaknesses Research security enhancements and make recommendations to management Work with vendors where appropriate to escalate issues

Additional Information: 

Must have a valid state driver’s license Must be able to pass background requirements including NERC CIP and enhanced Insider Threat Program (ITP) Additional duties as assigned 

This position falls under the company’s Insider Threat Program and will have access to, and control over sensitive data, systems or assets. Enhanced personnel screening, which includes a background review, drug screen and psychological assessment, will be required if you are selected for this position