IT Security Analyst, Sr
Description
SCS Technology Security
IT Security Analyst, II/Sr
Job Description
At Southern Company, our core objective is to ensure a safe and reliable computing environment for the consumers of our services, both internally and externally. Our complex environment generates a constant stream of challenges which require continual innovation with an evolving set of technologies. Keeping the network safe and reliable ensures that our users stay connected with our applications, products and services.
Position Overview:
Southern Company is seeking an experienced and passionate Red Team analyst. This is a technical, hands-on role that requires the ability to self-direct team engagements and support proactive analysis to assess the security posture of Southern Company’s attack surface and network. This position is responsible for conducting Red Team engagements, researching and developing TTPs, advising the implementation of security technologies and controls to improve defensive posture, and advising detection engineering efforts.
The ideal candidate will have a strong background in cyber security and security operations, with a background in conducting Red Team operations, attack simulations and exploit development.
Qualifications:
Bachelor’s degree in computer science, technology, engineering or security-related field or equivalent experience
Demonstrated experience in security operations and red teaming
Minimum 3 years IT security experience
Broad knowledge of core information security principles (e.g. access control, least privilege, data integrity)
Thorough understanding of network design principles (including topology, protocols, network components, and principles) and virtualized infrastructures
Thorough understanding of TCP/IP network stack, network technologies, network traffic analysis and protocols
Experience performing red teaming or pen testing engagements, with strong background in web application and mobile application attacks covering multiple technologies (JavaScript, PHP, ASP.NET, etc.)
Background in vulnerability and exploit research
Experience with command-and-control frameworks
Experience with reverse engineering and protocol analysis
Experience with exploit development and ability to switch to new development languages
Basic understanding of common scripting languages (Perl, Python, PowerShell)
Experience setting up and managing attack infrastructure
Basic understanding of how to set up scoping procedures in support of red team engagements
Self-directed with ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments
Strong verbal and written communication skills
Job Responsibilities:
Participate in the day-to-day development of the team, including assistance with innovative processes, strategies, technologies, and operations
Support full-spectrum, lifecycle attack simulations (technology, social, physical)
Perform a wide range of Red Team testing including network penetration, web and mobile application testing, operational technology (ICS/SCADA), source code reviews, threat analysis, wireless network assessments, social-engineering testing, and evasion techniques
Conduct research in support of development of novel attack paths for ongoing and future Red Team engagements
Assess ideal targets and focus areas for red team engagements based on understanding of Southern Company network
Maintain knowledge of the current security threat landscape by monitoring related internet postings, intelligence reports and other sector specific sources as necessary
Build and maintain tools and infrastructure to support the Red Team engagements
Work alongside Cyber Threat Intelligence team to evaluate and gain knowledge regarding threat actor behaviors, TTPs, and cyber threat landscape
Support detection engineering team and security monitoring efforts by advising the development of enhanced SIEM detection content and capabilities to identify the presence of cyber threats or predict potential attacks
Advise and support implementation of security controls and solutions to improve defensive capabilities based on lessons learned from hunting engagements
Collaborate with peers from across the organization and maintain excellent working relationships with key partners across the Technology Organization functions and business partners
Demonstrate Southern Company values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment
Job Requirements:
Required to submit to a thorough background examination
Ability to understand business requirements and present appropriate solutions
Ability to work independently or within a team
Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions
Must pass NERC CIP & Insider Threat Protection background checks
One or more relevant industry certifications (OSCP, GPEN, OSEP, OSWA, OSWE, OSED, OSMR, OSEE)
Occasional travel to local and regional locations in pursuit of job duties and requirements
Southern Company (NYSE: SO) is America's premier energy company, with 46,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million customers through its subsidiaries. The company provides clean, safe, reliable and affordable energy through electric operating companies in four states, natural gas distribution companies in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications. Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top energy companies in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at www.southerncompany.com.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Field: Information Technology
Job Type: Standard
Primary Location: Georgia-Metro Atlanta-Atlanta
Operating Company: Southern Company Services
Other Locations: Alabama-Metro Birmingham/Eastern AL-Birmingham
Travel (Up to...): No
Work Location(s):
Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)
241 Ralph McGill Blvd. NE
Atlanta, 30308
APC Corporate Headquarters - 600 North 18th Street (600BIRMINGHAM)
600 North 18th Street
Birmingham, 35203
Req ID: SCS2011134