IT Security Operations Center Analyst

This position is in our Security Operations Center and is responsible for monitoring cyber security activity across Southern Company’s telecommunication and data computing infrastructure; detecting, and responding to any activity found. Response could include but is not limited to: troubleshooting, analysis, diagnosis, communicating with stakeholders, and resolution or coordination of resolution via support groups or business units.

This position works with our infrastructure, desktop support, and business unit operational centers to ensure the protection of Southern Company’s cyber related assets.

This position is for the afternoon shift Sunday – Wednesday (11AM – 10PM) EST

JOB REQUIREMENTS

Must be capable of utilizing information security and monitoring tools

Substantial knowledge of IT core infrastructure and cyber security components//devices preferred

Minimum 1 year experience with TCP/IP Networking and knowledge of the OSI model preferred

Minimum 1 year experience with OS management and Network Devices preferred

Minimum 1 year experience with Intrusion Detection/Prevention Systems preferred

Minimum 1 year experience with Antivirus Systems preferred

Minimum 1 year experience monitoring threats via a SIEM console preferred

1 years performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs

Excellent problem solving, critical thinking, and analytical skills – ability to de-construct problems preferred

Strong customer service skills and decision-making skills

Exhibit initiative, follow-up and follow through with commitments

Ability to support and work in a team environment

Strong documenting and oral communication skills

Ability to manage multiple priorities in a high pressure environment

Understanding of IT Security and the ability to apply risk management principles in all aspects IT Security

Ability to maintain confidentiality of data

Must be able to work shifts including nights or overnight

A formal education in Computer Science or a related field; or equivalent experience in IT Security related roles is required

Formal IT Security/Network Certification such as CompTIA Security , Cisco CCNA, CEH, SANS GIAC Certified Intrusion Analyst (GCIA) preferred

Experience with packet analysis (Wireshark) and Malware analysis a plus

Experience working in a Security Operations Center environment is a plus

HP ArcSight experience is a plus

Splunk experience is a plus

Ironnet experience is a plus

MAJOR JOB RESPONSIBILITIES:
Monitor incoming event queues for potential security incidents; Identify and act on anomalous network activity

Perform threat hunting for malicious network activity leveraging analytic platform

Perform initial investigation and triage for potential security incidents

Provide accurate & priority driven analysis on cyber activity/threats

Perform payload analysis of packets

Detonate malware to assist with threat research

Resolve or coordinate the resolution (escalate) of cyber security events

Create, manage, and dispatch incident tickets

Monitor external event sources for security intelligence and actionable incidents

Maintain shift logs with relevant activity

Document investigation results, ensuring relevant details are passed to senior analysts and stakeholders

Participate in root cause analysis or lessons learned sessions

Write technical articles for knowledge sharing

Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business unit operation centers.

Must comply with any regulatory requirements.

#LI

With 4.4 million customers and more than 42,000 megawatts of generating capacity, Atlanta-based Southern Company at http://www.southerncompany.com/ (NYSE: SO at http://investor.southerncompany.com/stockquote.cfm ) is the premier energy company serving the Southeast. A leading U.S. producer of electricity, Southern Company owns Alabama Power, Georgia Power, Gulf Power, Mississippi Power, Southern Nuclear, Southern Power, SouthernLINC Wireless and Southern Telecom. Southern Company also has a growing competitive generation company. Southern Company brands are known for excellent customer service, high reliability and retail electric prices below the national average. Southern Company is consistently listed among the top U.S. electric service providers in customer satisfaction by the American Customer Satisfaction Index (ACSI).

We offer a competitive compensation package. Equal Opportunity Employer.

Job Field: Information Technology

Job Type: Standard

Primary Location: Georgia-Metro Atlanta-Atlanta

Operating Company: Southern Company Services

Job Type: Standard

Travel (Up to…): No

Work Location(s):
Georgia Power Headquarters – 241 Ralph McGill Blvd. NE (241ATLANTA)

241 Ralph McGill Blvd. NE

Atlanta, 30308

Req ID: SCS2007465