Specialized Cyber Security Engineering Manager

At Southern Company, our core objective is to ensure a safe and reliable computing environment for the consumers of our services, both internally and externally. Our complex environment generates a constant stream of challenges which require continual innovation with an evolving set of technologies. Keeping the network safe and reliable ensures that our users stay connected with our applications, products and services.

Position Overview: 

This role is within the Southern Company Cybersecurity organization.  This is a management position responsible for leading a team focused on leading security engineering services for the Specialized Cybersecurity Support (SCS2) team. These responsibilities include but are not limited to overseeing network security services, security technology lifecycle engineering and security solutions architecture for critical operational environments in both Electric and Gas. This manager’s role reports to the Specialized Cybersecurity Support Senior Manager and needs to be comfortable engaging with executive leadership and business-unit aligned security stakeholders.

The ideal candidate will have a strong background in cyber security, with experience in security architecture, engineering and hands-on experience in operational technology environments. 

Job Responsibilities:  

Lead security engineering services team and deliver security solutions that mitigate potential security risks. Design and oversee the implementation of advanced security policies and strategies tailored to the unique needs of operational environments. Foster the integration of OT and IT security practices to create a robust security architecture that is resilient against cyberattacks. Champion training and development programs to elevate security culture and best practices across client organizations. Engage with business partners at a strategic level, delivering exceptional service and identifying new avenues for SCS2 to provide value. Keep a pulse on industry trends and leverage this knowledge to drive innovation within the SCS2 cybersecurity program. Exemplify a leadership approach focused on building, inspiring and developing outstanding teams  Use frameworks such as the Cyber Kill Chain, Diamond Model for intrusion analysis and MITRE  ICS ATT&CK to identify and analyze threats and their effectiveness against our cyber defenses Champion the effort to increase detection and log coverage across all operational environments Develop metrics for ongoing performance measurement and reporting, and provide regular status to key stakeholders Apply strong leadership and strategic thinking to a diverse set of opportunities and challenges Hire, develop, reward and retain a highly qualified and diverse team Create an environment that fosters accountability, innovation and engagement at all levels Establish an annual budget and meet expense and capital spend targets  Act as a student of business and technology, anticipating future needs and shifts in technology and energy industries. Appreciate and leverage the valuable inputs that come from diverse backgrounds and individual differences

Requirements and qualifications:     

Bachelor’s degree preferred. An advanced degree is desirable. Industry certification required (CISSP, CISA, GIAC, CISM) At least 5 years of experience directly supporting some type of technology such as servers, switches, firewalls etc. At least 5 years of experience in cybersecurity, with a proven track record of leadership in this domain 3+ years of experience in leading teams Demonstrated ability to be an inclusive leader Strong leadership abilities, with the capability to attract and retain top talent, and motivate and develop personnel and future leaders Experience with applying sophisticated cyber threat actor Tactics, Techniques, Procedures (TTPs) to security operations Excellent communication and interpersonal skills, capable of engaging with business partners and stakeholders at all levels. A strategic thinker with a resourceful mindset, adept at navigating complex challenges and driving team performance. Must pass NERC CIP & Insider Threat Protection background checks