IT Security Analyst, Specialist
Insider Threat Fusion Center Analyst, Specialist
A leading U.S. energy company seeks a security professional to join our Insider Threat Fusion Center in an experienced technical analyst role. The candidate will directly support the company’s efforts to prevent and mitigate potential insider threats to the company’s facilities, personnel, technology, operations, and brand.
The ideal candidate will be multi-disciplinary in both analysis and technology development. Our team is an agile and high-performing group that quickly turns new ideas into capabilities and then into threat analysis. We are seeking someone experienced with insider threat behavioral indicators, statistical techniques, machine learning capabilities and artificial intelligence utilizing Splunk, and workflow automation. The Analyst will lead the development of new analytics, address data quality issues, ensure data models are correctly deployed, and advance processes through automation and orchestration. The optimization of commercially available tools is also within scope.
• Perform threat analysis on potential insider threats
• Utilize relevant data sets, analytic techniques and visualization tools to assimilate and interpret sources from across the company
• Lead validation and testing of existing and new data models to ensure adequacy and accuracy
• Implement best practices for tuning analytic technologies to maximize probability of detection while minimizing false positives
• Gather analysis requirements or use cases and propose solutions
• Streamline manual analysis tasks through orchestration and automation
• Improve existing methodologies for technical threat assessment
• Work independently with vendors to resolve problems and implement solutions
• Support the implementation of data correlation techniques
• Support definition, monitoring and reporting of effectiveness metrics on an ongoing basis, implementing continuous improvement
• Support implementation of next-generation (AI/ML) technology used to detect insider threat activity
• Contribute to day-to-day taskings related to the Insider Threat Program
• Maintain current knowledge of relevant technologies, including user (entity) behavioral analytics, DLP, correlation engines, machine learning, etc.
• BA/BS in data science, computer science, engineering, mathematics, or security-related field or equivalent experience
• At least 8 years’ experience in positions directly related to data science or cybersecurity
• Minimum one year of experience with Splunk, preferably certified in Splunk for Analytics and Data Science
• Excellent problem-solving and analytical skills; ability to solve complex technical issues
• Self-starter with the ability to prioritize work and complete assignments under minimal direction
• Proficient at on-boarding data from a variety of data sources
• Understanding of best practices for detecting, identifying, and classifying insider threats
• Strong communication skills; ability to successfully communicate analytic results, business insights, and resulting business implications to non-technical business partners
• Intellectual curiosity to find solutions
Southern Company (NYSE: SO) is America's premier energy company, with 44,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million electric and gas utility customers through its subsidiaries. The company provides clean, safe, reliable and affordable energy through electric utilities in four states, natural gas distribution utilities in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications. Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top utilities in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at www.southerncompany.com.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Field: Information Technology
Job Type: Standard
Primary Location: United States
Operating Company: Southern Company Services
Other Locations: Alabama-Metro Birmingham/Eastern AL-Birmingham, Georgia-Metro Atlanta-Atlanta
Travel (Up to...): Yes, 25% of the Time
The Energy Center - 3535 Colonnade Parkway (3535Birmingham)
3535 Colonnade Parkway
Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)
241 Ralph McGill Blvd. NE
APC Corporate Headquarters - 600 North 18th Street (600BIRMINGHAM)
600 North 18th Street
Req ID: SCS2011491