Cybersecurity Analyst

SCS Cybersecurity

Vulnerability Exploitation Analyst

Job Description

At Southern Company, our core objective is to ensure safe and reliable computing environment for the consumers of our services, both internally and externally. Our complex environment generates a constant stream of challenges which require continual innovation with an evolving set of technologies. Keeping the network safe and reliable ensures that our users stay connected with our applications, products and services. Southern Company is committed to supporting the professional development and growth of its employees and fosters an environment of diversity, equity, and inclusion.

Position Overview:

Southern Company is seeking a passionate Vulnerability Exploitation Analyst to join our Cybersecurity organization. This technical, hands-on role is critical to strengthening our vulnerability management program by performing exposure validation, exploit testing, and adversary simulation. You will actively identify, replicate, and validate vulnerabilities to determine real-world impact, ensuring remediation efforts are prioritized based on risk.

Your work will directly support:

- Exploitation evaluation and validation of vulnerabilities across enterprise systems.

- Attack surface reduction through proactive identification of exploitable gaps.

- Continuous threat validation to confirm the effectiveness of security controls and defensive measures.

This role partners closely with the Vulnerability Management team to provide actionable insights that drive remediation strategies and improve overall security posture.

Qualifications:

- Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience

- 2+ years in offensive security, penetration testing, or adversarial threat simulation

- Demonstrated expertise in supporting vulnerability and patch management programs, enhancing application security, and conducting thorough analyses of potential exposures

- Hands on experience with manual exploitation techniques and breach and attack simulation platforms.

- Strong understanding of vulnerability research, exploit chains, and post-exploitation tactics.

- Deep understanding of MITRE ATT&CK, adversary TTPs, and exploit development.

- Proficiency in scripting languages (Python, PowerShell, Bash; PERL a plus).

- Knowledge of vulnerability management, attack surface management, and cloud security posture management

- Familiarity with OWASP testing methodologies and common application/system vulnerabilities.

- Understanding of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, code injection, race conditions, covert channel, replay, return-oriented attacks)

- Understanding and familiarity with different operating systems (e.g., Windows and LINUX/UNIX systems)

- Knowledge of IT security / hardening best practices; including but not limited to operating systems, web applications, and network devices.

- Experience with SIEM platforms for detection validation and log analysis.

- Excellent communication skills for translating technical findings into business risk narratives.

- Ability to think like an attacker—creative, persistent, and detail-oriented in identifying weaknesses.

- Ability to thrive in a fast-paced environment, demonstrating adaptability and flexibility in response to changing priorities and emerging threats.

- Experience driving discussions and consensus across a broad group of stakeholders and cross functional teams regarding security recommendations and mitigation strategies.

- Demonstrates strong critical thinking and curiosity, essential for effectively analyzing and addressing security threats and vulnerabilities.

Job Responsibilities:

- Conduct attack path mapping and adversary emulation using MITRE ATT&CK and other frameworks.

- Execute breach and attack simulations and exploit validation across enterprise systems.

- Research and replicate emerging exploits, vulnerabilities, and offensive techniques to assess real world impact.

- Collaborate with Threat Intelligence to align testing with current threat actor behaviors and campaigns.

- Provide actionable insights and offensive-driven recommendations to harden systems and reduce attack surface.

- Maintain situational awareness of the threat landscape, including zero-days, CVEs, and novel exploitation methods.

- Partner with stakeholders to prioritize remediation based on validated risk exposure and potential adversary gap.

- Collaborate with peers from across the organization and maintain excellent working relationships with key partners across Technology Organization functions and business partners.

- Demonstrate Southern Company values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment

Job Requirements:

- Required to submit to a thorough background examination

- Ability to understand business requirements and present appropriate solutions

- Ability to work independently or within a team

- Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments

- Solid verbal and written communication skills

- Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions

- Must pass NERC CIP & Insider Threat Protection background checks

- One or more relevant industry certifications (i.e., OSCP, CEH, GSEC, CISSP, CISA)

- Occasional travel to local and regional locations in pursuit of job duties and requirements

About Southern Company

Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com .

Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Identification: 16251

Job Category: Cybersecurity

Job Schedule: Full time

Company: Southern Company Services