Southern Company Professional Jobs

Job Information

Southern Company Red Team Lead – Penetration Testing Team in Atlanta, Georgia

Red Team Lead – Penetration Testing Team



A leading U.S. energy company seeks an experienced IT security professional to join our internal Red Team in a leadership role. Our Red Team provides an offensive security mindset and hands-on penetration testing in support of our overall defense mission, security controls, policy decisions, and other special activities. Through deep technical expertise the team maintains awareness of industry-leading approaches to practical security and helps negotiate remediation activities with a diverse set of stakeholders. The candidate will develop and implement solutions that achieve adversary emulation with the aim to improve technology security throughout the organization, to include both IT and OT environments.

The technical lead will leverage his/her proven experience in penetration testing, red teaming, purple teaming, or cyber operations to lead an innovative team that seeks to assess the security posture of internal and external company resources that are not suitable for external penetration testing engagement. The position requires an established expert responsible for scoping engagements, presenting results, and working with stakeholders. He/she will continue to build methodologies, platforms, approaches, and documentation to mature capabilities in this technical domain. We require an experienced thought leader and continuous learner that is able to emulate the latest threat vectors and sophisticated attacks against computer systems and networks. By doing so, we protect our critical infrastructure and Southern’s ability to deliver on our promises to customers and shareholders.


  • Lead the day-to-day development of team, including implementation of innovative processes, strategies, technologies, and operations

  • Perform a wide range of Red Team testing including network penetration, web and mobile application testing, operational technical (ISC/SCADA), source code reviews, threat analysis, wireless network assessments, social-engineering testing, and evasion techniques

  • Work with SIEM content developers to guide their creation of alerting and remediation deliverables

  • Communicate emerging technical cyber threats to other teams and stakeholders

  • Lead the implementation of workflows for red teaming

  • Provide operational and programmatic briefings to management, including pragmatic and risk-appropriate recommendations

  • Ensure that standard operating procedures are being created and followed by the team

  • Support the definition, monitoring, and reporting of effectiveness metrics on an ongoing basis

  • Provide thought leadership and establish the strategy for the team function

  • Travel is expected to be around 5-10%, but will vary on individual preferences, current goals, and operational tempo

  • Must be able to obtain a US Government Clearance



  • BA/BS in computer science, technology, engineering or cyber security-related field or equivalent experience

  • Minimum of five (5) years of relevant professional security experience, or three (3) years with Master’s degree

  • Experience with Red, Blue, or Purple teaming exercises

  • Broad knowledge of networking protocols (such as TCP, UDP, DNS, FTP, SMTP, DHCP, etc.) and experience performing network traffic analysis

  • Knowledge of Unix/Linux/Mac/Windows operating systems, including bash and PowerShell

  • Four years of experience with at least two of the following:

  • Network penetration testing and manipulation of network infrastructure

  • Mobile and/or web application assessments

  • Email, phone, or physical social-engineering assessments

  • Shell scripting or automation of simple tasks using Perl, Python, or Ruby

  • Developing, extending, or modifying exploits, shell code or exploit tools

  • Source code review for control flow and security flaws

  • Independent thinker with strong analytical and problem-solving skills

  • Working knowledge of tools used for security testing such as Kali Linux, Metasploit, Burp suite, Core Impact, Cobalt Strike, Nessus, Web Inspect, and Scuba

  • Must be a continuous learner; with a desire to stay current on security trends, tools, technologies and best practices.

Preferred Qualifications

  • Experience building and leading a red team in a corporate environment.

  • Understanding of attack signatures, tactics, techniques and procedures associated with advanced cyber threats

  • Understanding of common hosting environments such as containerization platforms (e.g., Docker and Kubernetes) and virtual machines running under hypervisors

  • Programming skills preferred and encouraged, as well as the ability to read and assess applications written multiple languages, such as JAVA, .NET, C#, or others

  • Experience communicating with senior stakeholders inside and outside the company

  • Familiarity with global threats to the energy sector

  • Technical industry certification such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN


Southern Company (NYSE: SO) is America's premier energy company, with 44,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million electric and gas utility customers through its subsidiaries. The company provides clean, safe, reliable and affordable energy through electric utilities in four states, natural gas distribution utilities in seven states, a competitive generation company serving wholesale customers across America and a national recognized provider of customized energy solutions, as well as fiber optics and wireless communications. Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top utilities in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Field: Information Technology

Job Type: Standard

Primary Location: Georgia-Metro Atlanta-Atlanta

Operating Company: Southern Company Services

Job Type: Standard

Travel (Up to...): Yes, 25 % of the Time

Work Location(s):

Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)

241 Ralph McGill Blvd. NE

Atlanta, 30308

Req ID: SCS2008103

back to top