JOB DESCRIPTION

Schedule: M-F
Location: Primarily remote 20% in office – Atlanta or Birmingham

POSITION SUMMARY:

Southern Company, a major U.S. energy firm, is seeking a highly skilled cloud security architect and technical leader, to design creative solutions and reduce risk. The candidate will directly support the company’s efforts to mitigate real and potential cyber threats to the company’s facilities, personnel, technology, operations, and brand – including critical electric and gas utility infrastructure and its privately owned telecommunications network. This critical role is essential for ensuring the security and integrity of our Azure tools and platforms, implementing guardrails via code to allow for the safe use of AI (Artificial Intelligence), primarily with Azure Databricks, but also extending to other platforms as required. The ideal candidate will be responsible for establishing robust security guardrails and continuously enhancing our security posture to safeguard our critical infrastructure.
This role will have responsibility for designing and implementing technology and processes that support the strategic direction for the Enterprise Security Architecture team. This role will focus on the development and implementation of security strategies for AI tools and platforms that align with the strategic roadmap. Interested applicants should be well rounded in their understanding and application of different security and technology platforms; in areas such as identity, networking, endpoint, data, monitoring, cloud, and/or application security. Qualified candidates need to be able to align strategy and execution to increase cybersecurity maturity, anticipate future requirements for complex traditional, hybrid, and multi-cloud environments, drive initiatives via influence and relationships into business processes, keep up with current security trends, be focused on results, and be a self-starter.

This position is responsible for ensuring the confidentiality, integrity, and availability of the company’s information assets. This will be accomplished by:

• Establishing and implementing an information security framework and technical architecture.
• Designing, developing, and implementing information security solutions.
• Establish and maintain security guardrails to support the safe implementation of AI and automation.
• Providing information security expertise and consulting.

While Southern Company is headquartered in Atlanta, we bring energy to homes and businesses across the country. We’ve made our name as a leading producer of clean, safe, reliable, and affordable energy, and we approach each day as a vital step in building the future of energy. We’re always looking ahead, and our innovations in the industry—from new nuclear to deployment of electric transportation and renewables —help brighten the lives and businesses of millions of customers nationwide. Our team is critical to building the future of energy with secure, resilient, and sustainable cyber solutions.

REQUIREMENTS AND QUALIFICATIONS:

Minimum

• Hands-on experience with Azure Databricks and Azure AI Services
• Strong understanding of AI and machine learning concepts, algorithms, and frameworks. Including LLM concepts, content safety, and data validation.
• Strong analytical and problem-solving skills, an understanding of ethical and regulatory requirements related to AI security, and a continuous learning mindset.
• Hands-on experience designing, architecting, and implementing various information security tools/products such as PKI, Static or Dynamic Code Analysis, Next-Generation Firewalls, HSM’s, SIEM, Multi-Factor Authentication, IPS, Database Encryption, Privileged Identity Management, Cloud Posture Management, etc.
• Competency in APIs (Rest, Graph) and/or JavaScript/JSON/Kubernetes/SQL.
• Experience promoting security as a business enablement function using influence, metrics, documentation, strong verbal communication, and presentation skills.
• Working knowledge of cloud and traditional security network architectures.
• Ability to lead a project from concept through implementation and anticipate potential problems.
• Experience prioritizing and executing with minimal direction or oversight.
• Ability to perform detailed information security risk assessments and recommend mitigating controls.
• Must pass NERC CIP & Insider Threat Protection background checks.

Preferred Qualifications

• Experience with software development and programing.
• Technical knowledge of application development practices, CI/CD pipelines, various cloud platforms including Azure, AWS, or GCP, modern operating systems, networking protocols and designs, and identity management.
• Azure certifications preferred.
• Industry certifications such as: CISSP, CCSP, CASA, CEH, OSCP, CRISC, CCNP, etc.
• At least 5 years of experience playing a key role in building technical programs.
• Experience with information security frameworks such as: NIST, OWASP, etc.
• Familiarity with nation state, sophisticated criminal, and supply chain threats.
• Up-to-date knowledge of current hacking techniques, vulnerability disclosures, and data breach incidents.
• Experience with cybersecurity analysis and analytic tradecraft.

Southern Company (NYSE: SO) is a leading energy provider serving 9 million residential and commercial customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy infrastructure company with national capabilities, a fiber optics network, and telecommunications services. Through an industry-leading commitment to innovation, resilience, and sustainability, we are taking action to meet our customers’ and communities’ needs while advancing our commitment to net zero emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture and hiring practices have earned the company national awards and recognition from numerous organizations, including Forbes, Military Times, DiversityInc, Black Enterprise, J.D. Power, Fortune, Human Rights Campaign and more. To learn more, visit www.southerncompany.com .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant’s qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 10091
Job Category: Cybersecurity
Job Schedule: Full time
Company: Southern Company Services

JOB RESPONSIBILITIES:

• Develop and implement security strategies and guardrails for AI tools and platforms, example. Databricks
• Conduct regular security assessments and audits to identify vulnerabilities and implement corrective actions.
• Collaborate with cross-functional teams to integrate security best practices into AI development and deployment processes.
• Monitor and respond to security incidents related to AI systems.
• Align forward thinking strategy with business goals to integrate and raise the bar on security practices and solutions.
• Assist in the ongoing development of Southern Company’s security architecture – identify areas of opportunity, research alternatives, and recommend solutions.
• Develop creative solutions to meet business needs while ensuring appropriate security controls and best practices are implemented.
• Partner with others to identify and resolve information security issues.
• Plan, coordinate, and lead information security projects.
• Help internal customers understand and apply information security concepts, processes, and technologies.
• Maintain current knowledge of information security concepts, technologies, and practices.
• Mentor others to strengthen cybersecurity principles and best practices (ex. outside operational areas).
• Establish and maintain excellent working relationships and partnerships across the Technology Organization, business partners, and external vendors and suppliers.
• Create an environment that fosters accountability, innovation, and engagement at all levels.

This position is responsible for ensuring the confidentiality, integrity, and availability of the company’s information assets. This will be accomplished by:

• Establishing and implementing an information security framework and technical architecture.
• Designing, developing, and implementing information security solutions.
• Establish and maintain security guardrails to support the safe implementation of AI and automation.
• Providing information security expertise and consulting