Identity Security Program Manager
Location: Birmingham, AL or Atlanta, GA (Onsite 4 days a week)
Position Summary:
Southern Company is seeking a highly organized, execution‑focused Identity Security Program Manager to help drive delivery and operational effectiveness of the enterprise Identity Security Program. This role will report to the Sr Manager of Identity Security and will serve as the program’s operational lead, ensuring strategic priorities are translated into clear plans, measurable outcomes, and reliable execution. This is a primarily on-site role with 4 days per week in-office presence expected.
This position directly supports Southern Company’s mission to mitigate real and potential cyber risks to its critical electric and gas utility infrastructure, operational technology environments, enterprise IT systems, personnel, customers, and brand. The role partners closely with Cybersecurity, Technology, Legal, Privacy, Compliance, HR, and business stakeholders to enable cross‑functional alignment and consistent delivery.
The Identity Security Program Manager will coordinate and drive execution across a portfolio of projects including identity lifecycle, governance, privileged access, vendor access, self-service, and non‑human/agentic identity initiatives. Success in this role requires strong program management fundamentals—planning, governance, stakeholder alignment, metrics, and continuous improvement—combined with the ability to operate in a highly regulated, mission‑critical enterprise environment. This role ensures disciplined delivery through clear roadmaps, defined milestones, and outcome‑based measurement to achieve predictable results and ongoing identity program maturity.
Job Responsibilities
- Execute the enterprise Identity Security Program roadmap in alignment with strategic direction set by cybersecurity leadership.
- Manage integrated program plans across identity lifecycle management, access governance, authentication, authorization, privileged access, and non‑human/workload identity initiatives, including milestones, dependencies, risks, and delivery timelines.
- Establish and maintain program operating rhythms, including status reporting, risk and issue management, and action item tracking.
- Implement and maintain operating models, workflows, and procedures to support effective and repeatable identity security program execution.
- Coordinate cross‑functional delivery efforts across Cybersecurity, Technology, Cloud, Legal, Privacy, Compliance, HR, and business teams to ensure alignment and timely execution.
- Ensure initiatives are operationally ready prior to scale or enforcement, including documented processes, runbooks, escalation paths, and communications.
- Support enterprise efforts to define, implement, and govern identity standards and access models for human and non‑human identities.
- Drive ongoing maturity of IAM, IGA, PAM, and access control capabilities by coordinating adoption, tuning, and remediation workflows to reduce risk while minimizing business friction.
- Coordinate remediation activities for identified identity risks, including over‑privileged access, orphaned identities, excessive entitlements, and weak authentication controls.
- Partner with SOC and Incident Response teams to support identity‑related alert triage, investigation workflows, and escalation processes.
- Develop and maintain program metrics, dashboards, and reporting related to delivery progress, operational effectiveness, and identity security outcomes.
- Support governance, change management, and exception processes for identity policies, controls, and enforcement actions.
- Promote a culture of accountability, collaboration, and continuous improvement across identity program stakeholders.
Requirements and Qualifications
Minimum
- Proven experience managing cybersecurity or technology programs for large‑scale enterprise initiatives.
- 5+ years of experience in program management, cybersecurity operations, or technology delivery roles.
- Experience coordinating or supporting identity security capabilities such as IAM, IGA, PAM, authentication, authorization, or access governance programs.
- Strong understanding of identity and access management concepts across on‑prem, cloud, SaaS, and hybrid environments.
- Demonstrated ability to manage cross‑functional workstreams, dependencies, and competing priorities.
- Communication and organizational skills, with the ability to produce executive‑ready status updates and reporting.
- Ability to operate effectively in a matrixed organization without direct authority.
- Must pass Insider Threat Protection background checks
Preferred Qualifications
- Experience supporting or coordinating IAM, IGA, or PAM programs.
- Familiarity with Zero Trust identity and access principles.
- Experience developing program dashboards, KPIs, and operational reporting.
- Experience coordinating identity initiatives with SOC, Incident Response, or GRC teams.
- Familiarity with non‑human identities, workload identities, and service principals.
- Experience supporting or securing highly regulated or critical infrastructure environments.
- Working knowledge of authentication mechanisms, access controls, and identity lifecycle processes.
This position falls under the company’s Insider Threat Program and will have access to, and control over sensitive data, systems or assets. Enhanced personnel screening, which includes a background review, drug screen and psychological assessment, will be required if you are selected for this position
About Southern Company
Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 18419
Job Category: Cybersecurity
Job Schedule: Full time
Company: Southern Company Services
