Exposure Management Analyst

SCS Cybersecurity Exposure Management Analyst Location: Atlanta or Birmingham

Will likely become 80% on-site/in office within the next year

Job Description

At Southern Company, our core objective is to ensure safe and reliable computing environment for the consumers of our services, both internally and externally. Our complex environment generates a constant stream of challenges which require continual innovation with an evolving set of technologies. Keeping the network safe and reliable ensures that our users stay connected with our applications, products and services. Southern Company is committed to supporting the professional development and growth of its employees and fosters an environment of diversity, equity, and inclusion.

Position Overview

Southern Company is seeking a passionate and experienced Exposure Management Analyst to join our Cybersecurity organization. This is a technical, hands-on role that requires the ability to assess exposures, analyze risks, and advise strategies to mitigate exposure. This role will support day-to-day continuous threat and exposure management operations focused on identifying and escalating exposed risks. Work outputs will support implementation of security technologies and controls to improve defensive posture, implementation of processes in support of investigations, and development of detection capabilities.

Qualifications

- Bachelor’s degree in computer science, technology, engineering or security-related field or equivalent experience

- Minimum 5 years IT or security experience

- Demonstrated expertise in supporting vulnerability and patch management programs, enhancing application security, and conducting thorough analyses of potential exposures

- Experience working with vulnerability scanning, attack surface management, and cloud security posture management tools

- Understanding of OWASP common vulnerabilities and testing methodologies

- Understanding of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, code injection, race conditions, covert channel, replay, return-oriented attacks)

- Understanding and familiarity with different operating systems (e.g., Windows and LINUX/UNIX systems)

- Knowledge of IT security / hardening best practices; including but not limited to operating systems, web applications, and network devices.

- Experience building interactive dashboards and reports in PowerBI to visualize security metrics and exposure management data, including remediation progress, risk exposure, etc.

- Proficient in Microsoft Excel, including advanced functions such as PivotTables, VLOOKUP, and data analysis tools to organize, summarize, and interpret complex datasets.

- Experience using a SIEM to run search queries, perform log analysis, and build dashboards to monitor potential exposures

- Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments

- Ability to thrive in a fast-paced environment, demonstrating adaptability and flexibility in response to changing priorities and emerging threats.

- Experience driving discussions and consensus across a broad group of stakeholders and cross functional teams regarding patching, security recommendations, and mitigations strategies

- Strong verbal and written communication skills, with the ability to work independently and collaboratively within a team. Proven experience interacting with both technical and non-technical stakeholders.

Job Responsibilities

- Support day-to-day operations of the exposure management program, including data review, report processing, and trend analysis. Track remediation of identified risks and mitigation strategies and escalate findings to key stakeholders.

- Ability to analyze potential security risks and determine applicability to our environment

- Execute emergency vulnerability workflows and procedures

- Stay informed about publicly disclosed vulnerabilities (CVEs) and potential vulnerabilities (rumors, blogs, partial public analysis).

- Map vulnerability assessment results to asset inventory and key stakeholders. Calculate prioritization based on risk assessment.

- Identify and recommend appropriate compensating controls to manage and remediate vulnerability risk with the focus on reducing potential impacts

- Support development of vulnerability metrics and remediation-related dashboards and reports

- Understand enterprise policies and advise policies and technical standards with specific regard to vulnerability management, scanning procedures and secure configuration

- Coordinate with key business partners to understand, prioritize, and coordinate vulnerability remediation activities

- Collaborate with peers from across the organization and maintain excellent working relationships with key partners across Technology Organization functions and business partners

- Understand business requirements and work with business partners to define appropriate solutions, meeting both security mandates and business needs

- Demonstrates strong critical thinking and curiosity, essential for effectively analyzing and addressing security threats and vulnerabilities.

- Demonstrate Southern Company values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment

Job Requirements

- Required to submit to a thorough background examination

- Ability to understand business requirements and present appropriate solutions

- Ability to work independently or within a team

- Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments

- Solid verbal and written communication skills

- Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions

- Must pass NERC CIP & Insider Threat Protection background checks

- One or more relevant industry certifications (i.e., GSEC, CISSP, CISA)

- Occasional travel to local and regional locations in pursuit of job duties and requirements

This position falls under the company’s Insider Threat Program and will have access to, and control over sensitive data, systems or assets. Enhanced personnel screening, which includes a background review, drug screen and psychological assessment, will be required if you are selected for this position

About Southern Company

Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com .

Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Identification: 14219

Job Category: Cybersecurity

Job Schedule: Full time

Company: Southern Company Services