Technology Organization Risk & Compliance Analyst
This role manages risk and compliance for SCS TO related to Artificial Intelligence (AI), ensuring controls meet internal and external standards (ex. Sarbanes Oxley, Separation Protocol, NERC CIP), along with internal policies. Occasional overnight travel is required. The position is based in Birmingham at APC headquarters or Atlanta at GPC headquarters.
Key Responsibilities Subject Matter Expertise in Technology Risks and Controls
Act as the Subject Matter Expert (SME) on technology risk and control activities related to AI Governance, providing guidance and support to both internal and external stakeholders. Ensure that all relevant parties have a comprehensive understanding of the organization's technology risk landscape and the associated controls.
Risk Assessment of AI Solutions
Manage the AI Intake and Review process to assess risks such as bias, technology, and security. Ensure the process efficiently identifies risks, enabling faster delivery of solutions with clear risk awareness for stakeholders.
Responsible AI Governance Committee
Support the Responsible AI Governance Committee in establishing AI standards and assessing the risk of AI use cases. Work with Legal, Privacy, and Data Governance to ensure compliance with regulations and internal policies. Prepare executive presentations to inform leadership decisions.
NIST AI Risk Management Framework
Lead the implementation and management of the Technology Organization’s NIST AI Risk Management Framework to ensure appropriate controls are implemented to address the NIST framework objectives.
AI Regulation Monitoring
Monitor and advise on emerging regulations, standards, and best practices related to AI, ensuring timely updates to company policies and procedures.
Stakeholder Training and Awareness
Design and deliver Responsible AI Governance training and awareness initiatives for internal stakeholders on responsible AI use, AI risk and organizational policies.
Policy and Standards Development
Support the development and documentation of new Technology Organization policies and standards. Work closely with Compliance, Internal Audit, and other relevant organizations to ensure that all policies meet the control standards established by the company.
Reporting and Metrics
Develop management-level summaries of AI related risk and compliance issues for presentation to senior management, including the Chief Information Technology Officer (CITO). Develop and share concise business summaries and success metrics that inform senior leadership on the Technology Organization’s performance.
Backup Support for Critical Initiatives
Provide backup support to other risk and compliance teams, assisting with critical initiatives such as Risk Assurance, Risk Profile, and Business Continuity initiatives. Collaborate as needed to ensure organizational compliance with key regulatory and internal standards.
JOB REQUIREMENTS
Education Requirements
- BS/BA Degree in Computer Science / Information Security or related field preferred
- CRISC, CISA or related industry certifications preferred
Experience Requirements
- Prior Technology Security, Server Support and/or internal controls experience preferred
Preferred Areas of Knowledge
- Artificial Intelligence Risks
- Technology controls and processes
- Industry regulations
- Compliance programs and auditing practices
- Information Security principles
- Control frameworks including COBIT-5, NIST or similar control framework
- ServiceNow IRM
Skills Desired
- Detail oriented while working in a fast-paced environment
- Strong oral and written communication skills with ability to communicate effectively at all levels
- An ability to effectively influence others with an emphasis on collaborating across multiple teams and ensuring program needs are satisfied through interpersonal and trusted communication
- Capable of understanding complex technical information
- Strong analytical skills
- Positive attitude, team player & creative problem-solving skills
- Effective time management skills and good business judgment
- Able to multi-task and handle multiple projects simultaneously
- Proficiency with computer skills including Microsoft Suite products (MS Word, Excel, PowerPoint) required
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- Ability to understand deep technical concepts and translate those concepts to non-technical people.
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
About Southern Company
Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 18732
Job Category: Information Technology
Company: Southern Company Services
