Security Risk & Compliance Analyst

Southern Company

Job Description

**Security Risk & Compliance Analyst**
•*Purpose:** This position supports the Southern Company Gas information security program to ensure the company’s information assets are adequately protected. The incumbent will collaborate with gas utility and commercial business units to define and implement business security requirements and goals, and to identify and resolve business security issues. The position also supports information security compliance programs in response to regulations such as TSA, CFATS, FACTA, NIST, PCI, as well as other state, local, and federal security requirements.
•*Education / Experience:** + Possess a broad-based and in-depth knowledge of information security methodologies, tools, technologies and best practices and how they relate to the organization + Ability to understand technical information security issues/concepts and bring to senior management in an understandable manner + Strong risk assessment skills required in order to adequately convey and remediate information security risks + Ability to move security initiatives forward while producing a culture of help and assistance and not roadblocks. + 3 year IT security experience + Strong knowledge of networking technologies (TCP/IP, HTTP, SMTP, etc.) + Strong knowledge of web application vulnerabilities and solutions + Strong knowledge of Unix & Linux operating systems + Strong knowledge of the functions of various security infrastructure, including firewalls, Intrusion Prevention Systems, Proxy Servers, Security Event Managers, VPNs + Strong knowledge of web application technologies (HTML, JavaScript, etc.) + Ability to identify vulnerabilities in networks, systems and applications using COTS tools and manual processes + General knowledge of network and systems forensics + In depth knowledge of incident response processes and procedures + General knowledge of threat intelligence + A bachelor’s degree in Engineering, Computer Science or related field + Industry certifications highly preferred (CISSP, CISA, CISM, GIAC) + Valid state driver’s license
•*JOB RESPONSIBILITIES** + Serves as subject matter expert in specialized aspects of information security and emerging and advanced technologies + Supports enterprise in all aspects of information security administration + Will be trusted to handle confidential situations and data and conduct investigations and analysis + Consults with IT and business units on the purchase and/or design of information security projects, emerging technologies, or technology-related services before they are implemented + Analyzes business data use processes against vulnerabilities and threats and counsels business units on consequences + Collaborates with cross-functional teams responsible for information systems security to ensure the confidentiality, integrity, and availability of data stored, processed and transmitted + Engages with operating, storage, regulatory, engineering, HR, legal, and training units to evaluate and implement security process for critical infrastructure and key resources + Audit’s business unit security activities to ensure compliance with all corporate information security policies and procedures + Establishes and executes program updates as necessary to adapt to the changing terrorist threat as well as local, state, and federal security requirements + Work with IT and business units across Southern Company Gas to deliver on business requirements, especially as they pertain to cyber security and compliance risk and mitigation + Assists with reviewing existing tools, applications, and processes to optimize current security capabilities, as well as identifying any gaps or technical solutions to further enhance the team's effectiveness + Influence’s business partners to achieve compliance, identifies compliance initiatives, and promotes appropriate security policies + Review’s security events for anomalous activity, collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats + Leads the exploration of practical security solutions to address emerging threats and compliance requirements, including design and implementation of recommended solutions
•*ADDITIONAL DETAILS** + Must be able to pass reoccurring background requirements + This position is a member of Company’s Insider Threat Program + Must be eligible to obtain US Government clearance + This position requires frequent (up to 10%) travel to office locations. Overnight travel is expected.
•*_***Please submit an updated resume with your application***_**
•*Southern Company** (NYSE: SO) is America's premier energy company, with **46,000 megawatts** of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving **9 million customers through its subsidiaries** . The company provides clean, safe, reliable and affordable energy through **electric operating companies in four states, natural gas distribution companies in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications** . Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity-by-Diversity Inc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top energy companies in Fortune's annual _World's Most Admired Electric and Gas Utility_ rankings. Visit our website at
•*_Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law._**
•*Job Field:** Information Technology
•*Job Type:** Standard
•*Primary Location:** Illinois-Metro Chicago-Naperville
•*Operating Company:** Southern Company Services
•*Job Type:** Standard
•*Travel (Up to...):** Yes, 25 % of the Time
•*Work Location(s):** G O Naperville - 1844 W Ferry Rd. (1844NapervilleCODE) 1844 W Ferry Rd. Naperville, 60536
•*Req ID:** SCS2009678

Job Requirements