Southern Company Converged IT/ICS Security Engineer in Atlanta, Georgia
Converged IT/ICS Security Engineer
This position will build and support the IT and ICS security content leveraged by our Security Operations Center and other internal departments. Technologies include but are not limited to Security Information and Event Management (SIEM) platforms, Netflow, Full Packet Analytics and much more. This position works with other business unit SMEs to ensure the technologies are integrated and fully utilized as intended in the protection of Southern Company’s cyber related assets. The role is a technical hands-on role with lots of troubleshooting and problem-solving opportunities.
A formal education in Computer Science or a related field, or equivalent experience in IT Security and ICS engineering related roles is required for this position. Network/Security/System admin experience is preferred.
Engineering degree required.
ICS research background highly preferred.
Security certifications from SANS or similar, as well as previous ICS or data science coursework is a plus.
Advanced knowledge of power delivery system physics, including protection and control schemes is required.
Minimum of 1 years of experience with smart grid technologies.
Working knowledge of NERC CIP regulations and policy application.
Minimum of 3 years of comprehensive working knowledge of Linux and/or Windows OSs.
Minimum of 2 years of working knowledge of Active Directory administration is preferred.
Advanced Working knowledge of basic electronics, PLCs, HMIs, and other process control devices.
Experience with distributed data acquisition systems such as SCADA is required.
Working knowledge of basic metrology is a plus.
Minimum of 3 years of working knowledge of communications protocols such as Modbus, DNP, or Profibus is a plus.
Minimum of 2 years of Cisco and/or Palo Alto Networks administration is preferred.
Scripting skills such as Perl, Python, and/or Shell scripting are a plus.
Advanced knowledge of networking protocols and addressing schemes, i.e., TCP/IP functions, CIDR blocks, subnets, addressing, communications, layer 2, netflow, etc.
Experience supporting Security Information and Event Management products is a plus.
Working knowledge of MITRE ATT&CK framework.
Experience administrating databases such as MySQL, SQL, and/or Oracle are a plus.
Excellent problem solving and analytical skills; ability to solve complex technical issues.
Strong customer service skills.
Exhibit initiative, follow-up and follow through with commitments.
Ability to support and work in a team environment.
Advanced technical writing skills.
Ability to manage multiple tasks and priorities in a high-pressure environment.
Understanding of risk management principles in all aspects of IT and ICS Security preferred.
Experience with and ability to maintain confidentiality of data.
Experience working in or supporting a Security Operations Center is a plus.
Working knowledge of Southern Company infrastructure is a plus.
Must comply with any regulatory requirements.
MAJOR JOB RESPONSIBILITIES:
Perform as subject matter expert driving value from existing tools and deployments utilized by the SOC and other internal security teams by producing content in the form of rules, logic, alerts, integration, testing, custom software, etc.
Establish and maintain the security laboratory used by several teams including content creation, red team, etc.
Perform processes to track state and changes to security content.
Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure teams throughout the Information Technology organization, as well as business unit stakeholder SMEs.
Establish and maintain positive relationships/partnerships with appropriate vendors.
With 4.4 million customers and more than 46,000 megawatts of generating capacity, Atlanta-based Southern Company is the premier energy company serving the Southeast through its subsidiaries. A leading U.S. producer of clean, safe, reliable and affordable electricity, Southern Company owns electric utilities in four states and a growing competitive generation company, as well as fiber optics and wireless communications. Southern Company brands are known for energy innovation, excellent customer service, high reliability and retail electric prices that are below the national average. Southern Company and its subsidiaries are leading the nation's nuclear renaissance through the construction of the first new nuclear units to be built in a generation of Americans and are demonstrating their commitment to energy innovation through the development of a state-of-the-art coal gasification plant. Southern Company has been recognized by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer and listed by DiversityInc as a top company for Blacks. The company received the 2012 Edison Award from the Edison Electric Institute for its leadership in new nuclear development, was named Electric Light & Power magazine's Utility of the Year for 2012 and is continually ranked among the top utilities in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at http://www.southerncompany.com/
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Field: Information Technology
Job Type: Standard
Primary Location: Georgia-Metro Atlanta-Atlanta
Operating Company: Southern Company Services
Job Type: Standard
Travel (Up to...): Yes, 25 % of the Time
Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)
241 Ralph McGill Blvd. NE
Req ID: SCS2008712