What are the responsibilities and job description for the Cyber Security Analyst-Threat Analyst position at Southern Company?
Cyber Security Analyst
Job Description
A Southern Company Security Analyst participates in monitoring, hunting and responding to cyber
security events. He or She, provides a front-line role during cyber security incidents, identifying the
extent of the threat, business impacts and advising or sometimes performing the most suitable course
of action to contain, eradicate and remediate an incident. A Southern Company Security Analyst
maintains a good knowledge of the threat landscape, helps enhance visibility and response capabilities
by identifying new methods of detecting threats. A Southern Company Security Analyst is proactive and
seeks out adversaries determined to negatively impact Southern Companies reputation, financial
interest or threatens the safety of our employees and customers.
In this specific role, the Southern Company Security Analyst will help to better position the Security
Operations Center in monitoring of the IT/OT boundary. OT experience is a preferred quality.
Candidates are expected to discuss and demonstrate they meet required qualifications for applicable
roles.
Responsibilities
Southern Company (NYSE: SO) is a leading energy provider serving 9 million residential and commercial customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy infrastructure company with national capabilities, a fiber optics network, and telecommunications services. Through an industry-leading commitment to innovation, resilience, and sustainability, we are taking action to meet our customers’ and communities’ needs while advancing our commitment to net zero emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture and hiring practices have earned the company national awards and recognition from numerous organizations, including Forbes, Military Times, DiversityInc, Black Enterprise, J.D. Power, Fortune, Human Rights Campaign and more. To learn more, visit www.southerncompany.com .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 9637
Job Category: Cybersecurity
Job Schedule: Full time
Company: Southern Company Services
Job Description
A Southern Company Security Analyst participates in monitoring, hunting and responding to cyber
security events. He or She, provides a front-line role during cyber security incidents, identifying the
extent of the threat, business impacts and advising or sometimes performing the most suitable course
of action to contain, eradicate and remediate an incident. A Southern Company Security Analyst
maintains a good knowledge of the threat landscape, helps enhance visibility and response capabilities
by identifying new methods of detecting threats. A Southern Company Security Analyst is proactive and
seeks out adversaries determined to negatively impact Southern Companies reputation, financial
interest or threatens the safety of our employees and customers.
In this specific role, the Southern Company Security Analyst will help to better position the Security
Operations Center in monitoring of the IT/OT boundary. OT experience is a preferred quality.
Candidates are expected to discuss and demonstrate they meet required qualifications for applicable
roles.
Responsibilities
- Take action on security events presented to Analyst via SIEM, user submissions, dashboards, etc.
- Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats
- Remain abreast of emerging threat patterns and provide recommendations to detect threats
- Assists with patching recommendations and workarounds for zero-day threats.
- Coordinate mitigation or remediations task with stakeholders or supporting teams
- Communicates with management on incident updates.
- Monitors SIEM and analyzes security events to determine appropriate actions
- Monitors emails containing links/attachments associated with potential phishing attempts to
- Identify and tune false positives associated with current security events
- Document analytical steps and findings associated with security event investigations
- 5 years IT security experience
- Minimum 4 years of experience in performing analysis on Windows and LINUX/UNIX systems
- Minimum 4 years of experience and/or familiarity in the following areas:
- Network/Endpoint: analysis tools
- Scripting languages
- Windows/Unix command line utilities
- Reputation analysis associated with IP’s, Domains, Email Addresses
- Ticketing Systems
- Required to submit to a background examination.
- Experience operating within a security application such as Kali, Metasploit, etc.
- Oral and written communication skills
- Ability to take ownership of incidents from acknowledgement to resolution
- Ability to initiate security event investigations
- Ability to comprehend and articulate business impact associated with security events
- Interacting with vendors to support proof of concepts
- Proficient in Microsoft Office products: Excel, Word, Outlook, etc.
- Exposure, experience and/or knowledge of cloud technology
- Familiar with NIST 800-61 and SANS Critical Security Controls
- Ability to identify and mitigate security events by recommending and/or implementing
- Experience with Operational Technology (OT) environments and understanding of IT/OT
- Knowledge of ICS/SCADA protocols such as Modbus, DNP3, etc.
- Understanding of firewalls, VLANs, and DMZs specific to OT environments.
- Proficiency in using security information and event management (SIEM) systems to
- Experience with intrusion detection/prevention systems (IDS/IPS) and their
- Familiarity with NIST SP 800-82
- GIAC Security Essentials (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- Security
- Other certifications within IT Security
- Self-Motivated – Cyber Analysts do not only act when security tools trigger alerts, we are suspicious
- Perseverance - Cyber Analysts identify resources that allow us to move through or around barriers
- Dependable – Cyber Analysts work within a team environment and thus, we rely on one another for
- Integrity - As Cyber Analysts, our reputation is our code of ethics. We are not perfect. We admit
- Sense of Humor – Although this may vary, just have one; I promise we can work with it. We have a
Southern Company (NYSE: SO) is a leading energy provider serving 9 million residential and commercial customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy infrastructure company with national capabilities, a fiber optics network, and telecommunications services. Through an industry-leading commitment to innovation, resilience, and sustainability, we are taking action to meet our customers’ and communities’ needs while advancing our commitment to net zero emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture and hiring practices have earned the company national awards and recognition from numerous organizations, including Forbes, Military Times, DiversityInc, Black Enterprise, J.D. Power, Fortune, Human Rights Campaign and more. To learn more, visit www.southerncompany.com .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 9637
Job Category: Cybersecurity
Job Schedule: Full time
Company: Southern Company Services
