OT Cybersecurity & Compliance Analyst / Engineer

Al, USA

OT Cybersecurity & Compliance Analyst / Engineer

SCS Technical Shared Services (TSS) – I&C Systems & Field Support

This position will be located in Birmingham, AL or Forest Park, GA (Metro-Atlanta)

WORK LOCATION, SCHEDULE, & TRAVEL

  • This position will be based out of Birmingham, AL or Forest Park, GA (Metro Atlanta) however candidates living outside of the area may be considered with the expectation that they could successfully telework and be physically present in-office and/or field location on a routine (see below) and as-needed basis.

  • Hybrid work schedule (both in-office and telecommute); currently three (3) days in-office and two (2) days telecommute (subject to adjustment).

  • Relocation assistance may be provided if the successful candidate does not currently live within a reasonable commute distance.

  • This position will require some travel (day and overnight, up to 25%) and the ability to work successfully in a remote/virtual environment with access to internet service.

POSITION OVERVIEW

The NERC CIP Program Analyst at Southern Company is pivotal in protecting our energy infrastructure from cyber threats. This role involves leading strategic initiatives, collaborating with cross-functional teams, and influencing industry standards. The Analyst ensures compliance with NERC CIP standards, contributing to the reliability, safety, and security of the Operational Technology (OT) networks across Southern Company Services Operations, particularly within the non-nuclear generating facilities.

Key Responsibilities:

OT Cybersecurity Strategy and Planning :

  • Help further the OT cybersecurity culture for Southern Company’s non-nuclear generation assets.

  • Identify emerging compliance efforts and proactively position the team ahead of them.

  • Monitor regulatory changes and ensure effective communication within the organization.

  • Support development of implementation plans to meet future cybersecurity and compliance requirements.

Risk Assessment and Mitigation :

  • Further the development, processes implementation, and procedures to maintain compliance with NERC CIP standards.

  • Aid in the monitoring for compliance of NERC CIP (Critical Infrastructure Protection) standards via cyber assessments, etcetera.

  • Proactively position SCS Operations ahead of possible and probable future compliance.

Incident Response and Recovery :

  • Actively participate in response efforts during physical and cybersecurity events.

  • Ensure all compliance related actions take place and are properly documented.

  • Conduct post-incident analysis and implement lessons learned.

Employee Training and Awareness :

  • Participate in industry workshops, conferences, and initiatives to represent Southern Company’s interests.

  • Develop and deliver cybersecurity and NERC CIP training.

  • Foster intentional inclusion by ensuring diverse perspectives are considered in security initiatives.

POSITION QUALIFICATIONS

Education:

  • BS in Engineering, Computer Science, or related technical discipline is preferred.

Experience:

  • Experience working with (or in support of) NERC CIP standards and their application in the operations of an electric utility is required.

  • Minimum of 5 years of experience in OT cybersecurity with a focus on electric utility’s critical infrastructure is preferred.

  • Experience developing and influencing regulatory standards is preferred.

  • Knowledge of NERC regulatory framework and Rules of Procedure is preferred.

  • Strong computer and network engineering skills, particularly in electric utility operations preferred.

  • Excellent communication and collaboration abilities is highly desirable.

  • Strong analytical skills to assess complex security challenges needed.

Behavioral Attributes:

  • Must consistently demonstrate the behavior of Our Values – Safety First, Intentional Inclusion, Act with Integrity, and Superior Performance

  • Safety First : Prioritize the safety and well-being of employees, customers, and communities.

  • Intentional Inclusion : Foster a culture of belonging and value diversity within the team.

  • Act with Integrity : Conduct business with honesty, respect, and fairness.

  • Superior Performance : Focus on continuous improvement and exceptional service delivery.

  • People Priority: Commit to developing yourself and those around you.

BENEFITS

  • Competitive Pay

  • Excellent benefits packages which includes:

  • Medical and dental coverage

  • Defined Pension/Cash Balance Benefit Plan

  • Performance-sharing plan

  • 401(k) plan with a generous company match

  • Bonus opportunities

  • Tuition Reimbursement

Please submit an updated resume with your application

Southern Company (NYSE: SO) is a leading energy provider serving 9 million residential and commercial customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy infrastructure company with national capabilities, a fiber optics network, and telecommunications services. Through an industry-leading commitment to innovation, resilience, and sustainability, we are taking action to meet our customers’ and communities’ needs while advancing our commitment to net zero emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture and hiring practices have earned the company national awards and recognition from numerous organizations, including Forbes, Military Times, DiversityInc, Black Enterprise, J.D. Power, Fortune, Human Rights Campaign and more. To learn more, visit www.southerncompany.com.

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Identification: 6352

Job Category: Cybersecurity

Job Schedule: Full time

Company: Southern Company Services

Apply