Cyber Security Analyst
Georgia Power Company
Cyber Security Analyst
Cyber Security Analyst
Job Description
A Southern Company Security Analyst participates in monitoring, hunting and responding to cyber security events. He or She, provides a front-line role during cyber security incidents, identifying the extent of the threat, business impacts and advising or sometimes performing the most suitable course of action to contain, eradicate and remediate an incident. A Southern Company Security Analyst maintains a good knowledge of the threat landscape, helps enhance visibility and response capabilities by identifying new methods of detecting threats. A Southern Company Security Analyst is proactive and seeks out adversaries determined to negatively impact Southern Companies reputation, financial interest or threatens the safety of our employees and customers.
Candidates are expected to discuss and demonstrate they meet required qualifications for applicable roles.
Responsibilities
Take action on security events presented to Analyst via SIEM, user submissions, dashboards, etc.
Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats
Remain abreast of emerging threat patterns and provide recommendations to detect threats
Assists with patching recommendations and workarounds for zero-day threats.
Coordinate mitigation or remediations task with stakeholders or supporting teams
Communicates with management on incident updates.
Monitors SIEM and analyzes security events to determine appropriate actions
Monitors emails containing links/attachments associated with potential phishing attempts to determine appropriate actions
Identify and tune false positives associated with current security events
Document analytical steps and findings associated with security event investigations
Qualifications Required for Cyber Security Analyst
2 years IT security experience
Minimum 2 years of experience in performing analysis on Windows and LINUX/UNIX systems
-
Minimum 2 years of experience and/or familiarity in the following areas:
Network/Endpoint: analysis tools
Scripting languages
Windows/Unix command line utilities
Reputation analysis associated with IP’s, Domains, Email Addresses
Ticketing Systems
Required to submit to a background examination.
Experience operating within a security application such as Kali, Metasploit, and etc.
-
Familiar with and have worked within Cyber Security Frameworks such as:
NIST 800 – 61
Attack Life Cycle
SANS Security Controls
MITRE
SANS Security 500 Series or other industry standard equivalent
Experience with PCAP analysis
Experience investigating endpoint and network security events
Experience investigating user reported Phishing events (specifically investigating suspicious links and attachments)
Experience analyzing security events utilizing sandbox technology
Experience operating within a security application such as Kali, Metasploit, and etc.
Oral and written communication skills
Experience taking ownership of incidents from acknowledgement to resolution
Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies
Experience initiating security event investigations
Preferred capabilities :
Oral and written communication skills
Ability to take ownership of incidents from acknowledgement to resolution
Ability to initiate security event investigations
Ability to comprehend and articulate business impact associated with security events
Interacting with vendors to support proof of concepts
Proficient in Microsoft Office products: Excel, Word, Outlook and etc.
Exposure, experience and/or knowledge of cloud technology
Familiar with NIST 800-61 and SANS Critical Security Controls
Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies
Desired certifications:
GIAC Security Essentials (GCIH)
GIAC Certified Intrusion Analyst (GCIA)
Security+ Other certifications within IT Security
Characteristics of an Southern Company Cyber Analyst
Self-Motivated – Cyber Analysts do not only act when security tools trigger alerts, we are suspicious by nature and can generate security events based on self-initiated task.
Perseverance - Cyber Analysts identify resources that allow us to move through or around barriers as we analyze cyber security events.
Dependable – Cyber Analysts work within a team environment and thus, we rely on one another for knowledge-sharing and dependence.
Integrity - As Cyber Analysts, our reputation is our code of ethics. We are not perfect. We admit our mistakes. We do the right thing.
Sense of Humor – Although this may vary, just have one; I promise we can work with it. We have a lot of fun in what we do, so you will need a sense of humor to keep up.
This position falls under the company’s Insider Threat Program and will have access to, and control over sensitive data, systems or assets. Enhanced personnel screening, which includes a background review, drug screen and psychological assessment, will be required if you are selected for this position
About Southern Company
Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 15082
Job Category: Cybersecurity
Job Schedule: Full time
Company: Southern Company Services
Share this job
Candidate Profile
Take a few minutes to create or modify your employment profile and to specify your preferred working criteria for future openings matching your interests.
Our Culture & Hiring Process
Learn more about Southern Company’s culture, values, and inclusion initiatives and what our hiring process looks like. You are one step closer to helping us build the future of energy!