Summary of Job Description
This position will be primarily responsible for the management of the Technology Organization’s (TO) Business Continuity Program including the TO Crisis Management process. This position will also serve in a secondary role of supporting the TO Risk Profile. This position will be a member of the Technology Risk and Compliance team within Technology Services, reporting to the Technology Risk and Compliance Manager. The Risk and Compliance team manages multiple compliance programs and provides risk management services to members of TO. The position is based in Birmingham at APC headquarters or Atlanta at GPC headquarters.
Job responsibilities
Business Continuity Program Leadership
- Lead and evolve the TO Business Continuity Program in alignment with the Southern Company Business Assurance Council charter.
- Partner with teams across the Technology Organization to annually update the Business Continuity Plan (BCP) and identify gaps.
- Develop and lead the annual schedule for exercising and testing the BCP to ensure validity, track improvements, and drive action plans.
- Review and update the plan following organizational changes or after activation during a disruptive event.
- Implement structures enabling an effective and proportional response to major disruptions.
- Facilitate execution of business continuity plans during actual events in partnership with TO Leadership, including the CITO.
- Present Business Continuity Program status updates to executive leadership.
- Evaluate recovery strategies with critical activity owners to ensure recovery objectives can be met within required timeframes.
- Provide training to personnel responsible for executing business continuity roles.
- Conduct workshops to build broad organizational awareness of continuity plans.
- Coordinate program activities with the Enterprise Risk Management Organization and Enterprise Resilience Team.
- Maintain the organizational Business Impact Analysis (BIA) in collaboration with the Enterprise Resilience Team.
Crisis Management Program Leadership
- Develop, maintain, and oversee the TO Crisis Management Process, integrating multiple related plans such as the TO Business Continuity Plan, Storm Plan/Logistics Process, Disaster Recovery Plan, Critical Situation (Crit Sit) Process, and Cyber Security Incident Response Plan.
- Establish and maintain clear governance for the crisis management process.
- Develop and oversee a comprehensive, holistic crisis management framework for the Technology Organization.
- Partner with other plan owners to ensure clear communication channels during plan activation.
- Support TO crisis management execution during real‑world events as needed.
- Lead testing efforts for the Crisis Management process in coordination with related organizational plans.
- Coordinate communications with TO and operating company IST teams during events.
- Review Crisis Management Program status with executive leadership and organizational management.
- Communicate the overall crisis management approach and clarify roles of related plans for participants and stakeholders.
- Maintain the TO Business Impact Analysis (BIA) to drive crisis management recovery priorities.
Education Requirements
Bachelor’s degree in information security, information assurance, computer science, management information systems, computer information systems, or a related discipline.
Preferred Certifications
Industry certifications including but not limited to:
- ABCP (Associate Business Continuity Professional)
- CBCP (Certified Business Continuity Professional)
- CDRE (Certified Disaster Recovery Engineer)
- CFCP (Certified Functional Continuity Professional)
- MBCP (Master Business Continuity Professional)
- CMCS (Crisis Management Certified Specialist)
Experience Requirements
Prior experience in disaster recovery, business continuity or crisis management
Preferred Areas of Knowledge (not all required)
- Disaster Recovery
- Business Continuity
- Crisis Management
- Governance/Risk and Compliance
Skills Desired (not all required)
- Experience creating, implementing, maintaining and monitoring policies, standards, procedures, programs, plans and processes
- Experience in maintaining a Business Continuity / Disaster Recovery / Crisis Management program and deliverables
- Understands the basic tenants of enterprise risk management (threat management, vulnerability management, and risk treatment).
- Extremely detail oriented while working in a fast-paced environment
- Strong oral and written communication skills with ability to communicate effectively at all levels
- Strong interpersonal skills to effectively interact with several departments, auditors, and management
- Capable of understanding complex technical information
- Strong analytical skills
- Positive attitude, team player & creative problem-solving skills
- Effective time management skill and good business judgment
- Able to multi-task and prioritize multiple projects simultaneously
- Proficiency with computer skills including Microsoft Suite products (MS Word, Excel, PowerPoint) required
- Ability to balance compliance requirements with technical operational requirements
- Ability to be diplomatic but push back as necessary with internal and external groups and individuals at all levels (analysis to execution)
- Ability to understand deep technical concepts and translate those concepts for non-technical people.
- Ability to facilitate conversations and exercises with all levels of employees, including senior level executive management
- Ability to assess and manage external consultants to assist with process and program development activities
About Southern Company
Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 17156
Job Category: Information Technology
Company: Southern Company Services
