Cybersecurity - Services and Acceleration Manager
Job Description
Position Summary:
The Cybersecurity organization is seeking a highly motivated individual to lead our Services and Acceleration team . This role will be focused on leading two teams of highly technical security personnel – a Services team focusing on identity and other security requests as well as a team of developers focused on AppSec consulting and process integration/acceleration.
This is an operations leadership position and requires the ability to swiftly prioritize team tasks, delegate work effectively, address business partner escalations, identify operational inefficiencies, utilize agile project management principles, and mentor team members. The role is responsible for delivering high-quality Services and Application Security experiences to our business partners, while leveraging the right personnel to develop tools that enhance the larger team’s capabilities. These operational functions should be executed through the lens of a risk-based approach where security is always the core principle.
The ideal candidate will have a background in cybersecurity and software development, vulnerability mitigation, an understanding of service management principles, metrics, systems automation, and a mentality of constant improvement. They must be a solid communicator with excellent written and verbal skills. And they must be able to motivate others to provide a consistent and positive business partner experience.
Southern Company is headquartered in Atlanta, and we bring energy to homes and businesses across the country. We’ve made our name as a leading producer of clean, safe, reliable and affordable energy, and we approach each day as a vital step in building the future of energy. We’re always looking ahead, and our innovations in the industry – from new nuclear to deployment of electric transportation and renewables – to help brighten the lives and businesses of millions of customers nationwide. Our team is critical to building the future of energy with secure, resilient, and sustainable cyber solutions.
Defend. Protect. Enable.
Job Responsibilities:
- Lead a team of analysts to handle cybersecurity service management requests and change management.
+ Take responsibility for the request queue - prioritize, set standards, reduce risk, provide training, constantly improve.
- Lead a team of engineers to provide Application Security consulting and automation/acceleration capabilities.
+ Provide business partners assistance with static and dynamic code scanning tools, API security, as well as general cloud or on-prem environment best practices.
+ Guide vulnerability mitigation using a risk-based approach and with technical acumen to speak to both business partners and developers.
+ Protect the quality and security of the company CI/CD by maintaining security guardrails via code.
+ Take on the implementation of tools to automate and accelerate business processes within the cybersecurity organization.
+ This could include writing custom tools from scratch, building Remedy or ServiceNow automations, or managing the backlog of existing tools.
- Manage escalations from business partners and determine the urgency of each case. Collaborate with leadership to meet expectations effectively.
- Design and track metrics to keep a clear view of team workload, customer satisfaction, and other service-related measurements.
- Enhance processes to facilitate improved operational efficiencies, risk mitigation, and customer interactions.
- Lead and deliver projects in scope, on time, and within budget.
- Mentor others to strengthen cybersecurity principles and best practices.
- Apply strong leadership and strategic thinking to a diverse set of opportunities and challenges.
- Establish and maintain excellent working relationships and partnerships across the Technology Organization functions, business partners, and external vendors and suppliers.
- Appreciate and leverage the valuable inputs that come from diverse backgrounds and individual differences.
Requirements and qualifications:
Required
- Proven experience leading a team of security professionals.
- Ability to mentor and develop team members to their fullest potential.
- Deep knowledge of cybersecurity principles and secure application development including CI/CD pipelines and software composition analysis.
- Experience with ITIL-like service management processes and principles, SLAs, queue optimization.
- Strong relationship management skills to collaborate with decision-makers across the company.
- Experience with identity and security concepts such as identity providers, single-sign-on, federation, least-privilege, authentication vs authorization, MFA, and certificates.
- Experience automating technology systems via modern languages and APIs such as PowerShell, Python, REST.
- Ability to lead a project from concept through implementation and anticipate potential problems.
- Experience prioritizing and executing with minimal direction or oversight.
- Must pass NERC CIP & Insider Threat Protection background checks.
Desired
- Experience with information security frameworks such as: NIST, OWASP, CIS Benchmarks, etc.
- Industry certifications such as: CISSP, CCSP, CISA, GIAC, OSCP, CRISC, CCNP, etc.
- Familiarity with nation state, sophisticated criminal, and supply chain threats.
- Up-to-date knowledge of current hacking techniques, vulnerability disclosures, and data breach incidents.
- Working knowledge of cloud and traditional security network architectures.
- Experience with cybersecurity analysis and analytic tradecraft.
About Southern Company
Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 12977
Job Category: Cybersecurity
Job Schedule: Full time
Company: Southern Company Services
