View All Jobs/Careers

Job Information

Southern Company Application Security Engineer in Atlanta, Georgia

Application Security Engineer

Description

At Southern Company, our core objective is to ensure safe and reliable computing environment for the consumers of our services, both internally and externally. Our complex environment generates a constant stream of challenges which require continual innovation with an evolving set of technologies. Keeping the organization safe and reliable ensures that our users stay connected with our applications, products and services.

Position Overview: The Application Security Engineer will serve as the Application Security lead and work with application development and infrastructure teams to ensure applications are designed, coded, and implemented securely. The Engineer will act as a subject matter expert on design review, code review, and dynamic analysis and drive the improvement of policies, standards, and other supporting documentation. This is a hands-on technical position that you will find you collaborating with multiple groups across the organization. Strong communication skills are needed to explain complex application security topics to a wide variety of technical levels. Experience as a developer is preferred, but not required

Qualifications:

  • Extensive experience in web application security

  • Experience applying knowledge of application security throughout the SDLC

  • Experience conducting source code reviews

  • Hands-on experience with integrating security into DevOps pipelines

  • Experience with static application security testing tools such as Veracode, Fortify, Checkmarx

  • Experience with dynamic analysis tools such as WebInspect, BurpSuite, OWASP ZAP and AppScan

  • Familiarity with key network security solutions such as firewalls, WAF and IPS

  • Understanding and awareness of Agile methodologies

  • Proven experience leading and building teams

  • Hands on experience with web services security penetration testing preferred

  • Robust knowledge of cloud environments and technologies including Azure, AWS, Puppet/Ansible, Containers, SQL / NoSQL Databases, Java and Python

  • Strong passion for leadership and mentoring junior team members

Job Responsibilities:

  • Managing end to end ownership of application security while leading and building the application security team

  • Conduct design review, code review, and dynamic analysis of applications

  • Act as application security champion and educate others within in the organization on secure coding best practices

  • Identify, communicate, and drive the resolution of vulnerabilities

  • Serve as a subject matter expert for application development and infrastructure teams

  • Communicate effectively with a wide variety of technical levels

  • Perform security assessments of web and mobile applications

  • Help customers understand and apply information security concepts, processes and technologies

  • Maintain current knowledge of information security concepts, technologies and practices

Job Requirements :

  • United States citizenship is required

  • Awareness of energy industry trends, opportunities and challenges

  • Strong technical consulting experience; ability to understand business requirements and present appropriate solutions

  • Effectively communicate both technical and business requirements

  • Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions

  • Basic budgeting, accounting and financial skills preferred

  • Must pass NERC CIP & Insider Threat Protection background checks

  • Occasional travel to local and regional locations in pursuit of the job duties and requirements.

Ideal Candidate:

  • Bachelor’s Degree in relevant curricula

  • Prior experience as a software developer, pen tester or application security consultant

  • Solid understanding of public cloud environments (AWS, Azure, GCP)

#LI

With 4.4 million customers and more than 46,000 megawatts of generating capacity, Atlanta-based Southern Company is the premier energy company serving the Southeast through its subsidiaries. A leading U.S. producer of clean, safe, reliable and affordable electricity, Southern Company owns electric utilities in four states and a growing competitive generation company, as well as fiber optics and wireless communications. Southern Company brands are known for energy innovation, excellent customer service, high reliability and retail electric prices that are below the national average. Southern Company and its subsidiaries are leading the nation's nuclear renaissance through the construction of the first new nuclear units to be built in a generation of Americans and are demonstrating their commitment to energy innovation through the development of a state-of-the-art coal gasification plant. Southern Company has been recognized by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer and listed by DiversityInc as a top company for Blacks. The company received the 2012 Edison Award from the Edison Electric Institute for its leadership in new nuclear development, was named Electric Light & Power magazine's Utility of the Year for 2012 and is continually ranked among the top utilities in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at www.southerncompany.com. at http://www.southerncompany.com/

We offer a competitive compensation package. Equal Opportunity Employer.

Job Field: Information Technology

Job Type: Standard

Primary Location: Georgia-Metro Atlanta-Atlanta

Operating Company: Southern Company Services

Other Locations: Alabama-Metro Birmingham/Eastern AL-Birmingham

Job Type: Standard

Travel (Up to...): Yes, 25 % of the Time

Work Location(s):

Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)

241 Ralph McGill Blvd. NE

Atlanta, 30308

APC Corporate Headquarters - 600 North 18th Street (600BIRMINGHAM)

600 North 18th Street

Birmingham, 35203

Req ID: SCS2008838

back to top
DirectEmployers