Data Security Architect

Southern Company • Birmingham, AL • 3h ago

Position Summary:

Southern Company is seeking an experienced Data Security Architect to lead the design and implementation of enterprise data security capabilities. This role is responsible for developing and executing the strategic roadmap for data protection technologies, processes, and standards that safeguard sensitive information across cloud, SaaS, endpoint, on-premises, and hybrid environments.

The Data Security Architect serves as the technical lead for data security initiatives, translating business requirements, regulatory obligations, and cybersecurity objectives into scalable solutions. This role will lead the architecture, deployment, and optimization of capabilities such as data classification and labeling, Data Loss Prevention (DLP), Data Security Posture Management (DSPM), encryption, data discovery, and related controls.

Successful candidates will possess strong technical expertise, strategic thinking, and the ability to lead complex initiatives from concept through operationalization while balancing risk reduction with business enablement.

Develop and execute the enterprise Data Security strategic roadmap aligned to cybersecurity and business objectives.
Construct and carry out a strategic vision for rigorous and scalable security controls with key performance indicators.
Design and deploy enterprise data protection capabilities including DLP, DSPM, data classification and labeling, encryption, and data discovery solutions.
Develop target-state architectures, standards, and implementation patterns for protecting sensitive data across cloud, SaaS, endpoint, and on-premises environments.
Lead technology evaluations, proof-of-concepts, and implementations of emerging data security capabilities.
Partner with Data Governance, Legal, Privacy, Compliance, Infrastructure, Cloud, and Application teams to integrate security requirements into business and technology processes.
Develop and maintain data security standards, reference architectures, and technical guidance.
Architect and guide implementation of encryption strategies and key management practices for sensitive data.
Establish metrics and reporting to measure program effectiveness, control coverage, and risk reduction.
Conduct security architecture reviews and provide recommendations for data protection, risk mitigation, and compliance requirements.
Mentor analysts while providing technical leadership across Data Security initiatives.
Lead and deliver projects in scope, on time, and within budget.
Serve as a trusted advisor to business and technology leaders by translating security risks into actionable recommendations.
Build strong relationships with stakeholders, vendors, and partners to advance enterprise data security objectives.

Minimum

5+ years of experience in cybersecurity, security architecture, information protection, or data security.
Hands-on experience designing and deploying enterprise data protection technologies such as DLP, DSPM, data classification, labeling, and encryption.
Strong understanding of data protection principles across cloud, SaaS, endpoint, hybrid, and on-premises environments.
Experience developing security architectures, technology standards, and strategic roadmaps.
Demonstrated ability to lead complex technical initiatives from design through implementation.
Strong communication and stakeholder management skills with the ability to influence technical and business teams.
Experience prioritizing and executing initiatives with minimal oversight.
Must pass NERC CIP & Insider Threat Protection background checks.

Preferred Qualifications

Experience with Microsoft Purview, DSPM platforms, Insider Risk Management, Information Protection, or similar data security technologies.
Experience implementing enterprise data classification, labeling, and governance programs.
Experience designing encryption architectures and key management solutions.
Familiarity with privacy, compliance, and regulatory requirements impacting sensitive data.
Experience securing data in Azure, AWS, and GCP environments.
Industry certifications such as CISSP, CCSP, CISM, CRISC, or related security certifications.
Familiarity with security frameworks including NIST, CIS, COBIT, and Zero Trust principles.
Experience supporting critical infrastructure environments.

About Southern Company

Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com .

Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and beneﬁts will also be provided during the hiring process.

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Identification: 19805

Job Category: Cybersecurity

Job Schedule: Full time

Company: Southern Company Services