Southern Company IT Security Manager, Security Operations Center in Atlanta, Georgia
IT Security Manager, Security Operations Center
This position is responsible for managing the Southern Company Security Operations Center (SOC) threat analysis and incident response teams located in Atlanta, Georgia. The role encompasses acting as a key member of the leadership team contributing to the overall strategy and direction of threat management technologies. This role reports to the Director of the organization.
MAJOR JOB RESPONSIBILITIES:
Manage a 24x7 on-site threat analysis team.
Manage our incident response team and lead IR engagements.
Work across business organizational lines to achieve an end goal.
Provide thought leadership and establish the strategy for the team function.
Establish and maintain positive relationships/partnerships with appropriate vendors and business partners.
Lead the continued transition from SIEM reactive monitoring to proactive threat hunting.
Increase the capability of Operational Technology (OT) monitoring across our business partners.
Develop and support strategic plans and projects as defined by Technology Security and our Business Partners. Be a part of Southern Company’s overall cybersecurity leadership team, working to lower and mitigate risk.
Oversee personnel, their performance, compensation, and related topics. Determine staffing requirements: guide recruiting, hiring, training, development, and retention of highly qualified team members.
Responsible for driving execution of daily, weekly, and monthly metrics for statistical threats and KPIs
Maintain awareness of trends in security regulatory, technology, and operational requirements.
Mentor and guide SOC Team Lead, IR Team Lead, and Analysts and perform knowledge transfer to other teams as required.
Responsible for security analysis, administration and remediation procedures, workflows and tasks, including the Southern Company Cyber Incident Response Plan (IRP).
Be a leader in the expansion and growth of the SOC; drive integration of new products and services.
Tackle complex business issues and work with technology experts to deliver technical solutions, using the authority to work toward predetermined goals and objectives.
Ensure that Standard Operating Procedures are being created and followed by the team
Accountable for the team functional budget.
Travel is expected to be around 5-10%, but will vary based on individual preferences, current goals, and operational tempo.
Must comply with any regulatory requirements.
Must be able to obtain a US Government Clearance.
Demonstrated ability to successfully lead a team of highly technical individuals in order to achieve goals. Experience as a key member, particularly leadership, in a cybersecurity organization.
Undergraduate degree in computer science, cybersecurity, engineering, information science, or related technical discipline.
Demonstrated ability to formulate and develop novel, out-of-the-box solutions to complex cybersecurity problems.
Strong understanding of advanced cyber threats and associated tactics, techniques and procedures.
Proven ability to communicate complex cybersecurity concepts to non-technical, non-cybersecurity personnel, including executive management.
Experience managing complex problems with multimillion dollar budgets.
Experience developing credible, working relationships across internal company organizations.
Experience developing collaborative cybersecurity solutions.
8 years of experience in cybersecurity. 3 years in cybersecurity leadership.
The ideal candidate has a combination of background experience in incident response and SOC management or development, either directly or as part of an MSSP.
Demonstrable and specific experience in an adversary hunting role and/or management over that function.
A diverse technical background in areas such as active defense, programming, advanced actor defenses, systems administration, network administration, firewalls, network analysis, forensic analysis, cyber operations and/or related fields.
Educational background in hacking techniques and hands-on training.
Understanding of IT Security best practices and the ability to apply risk management principles in all aspects of IT Security preferred.
Working knowledge of Southern Company infrastructure
Working knowledge of NERC CIP regulations
Understanding of the electric power and natural gas delivery business
Experience working in or with federal agencies on cyber operations, including but not limited to: regulators, military, law enforcement and intel agency officials, and other high-level stakeholders.
Extensive breadth and depth of knowledge of technology and cybersecurity concepts and best practices, such as malware analysis, network monitoring, virtualization, heuristic-based detection, MITM attacks, encryption, and red teaming.
Hands on experience with Splunk and ArcSight
Professional certifications to include CISM, CISSP, SANS GIAC, CCNA
Working knowledge of Strong Authentication, End Point Security, Network Security, Full Packet Capture, DLP, IAM, Firewalls is a plus
Southern Company (NYSE: SO) is America's premier energy company, with 44,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million electric and gas utility customers through its subsidiaries. The company provides clean, safe, reliable and affordable energy through electric utilities in four states, natural gas distribution utilities in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications. Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top utilities in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at www.southerncompany.com.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Type: Standard
Primary Location: Georgia-Metro Atlanta-Atlanta
Operating Company: Southern Company Services
Travel (Up to...): Yes, 25 % of the Time
Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)
241 Ralph McGill Blvd. NE
Req ID: SCS2008024