Atlanta, GA, USA
Cyber Security Analyst-Threat Analyst

Cyber Security Analyst

Job Description 

A Southern Company Security Analyst participates in monitoring, hunting and responding to cyber security events. He or she provides a front-line role during cyber security incidents, identifying the extent of the threat and its business impacts, and advising on, or sometimes performing, the most suitable course of action to contain, eradicate and remediate an incident. A Southern Company Security Analyst maintains a good knowledge of the threat landscape and helps enhance visibility and response capabilities by identifying new methods of detecting threats. A Southern Company Security Analyst is proactive and seeks out adversaries determined to negatively impact Southern Company's reputation or financial interests, or to threaten the safety of our employees and customers.

In this specific role, the Southern Company Security Analyst will help to better position the Security Operations Center in monitoring the IT/OT boundary. OT experience is a preferred quality.

Candidates are expected to discuss and demonstrate that they meet the required qualifications for the applicable roles.

Responsibilities
• Take action on security events presented to the Analyst via SIEM, user submissions, dashboards, etc.
• Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats
• Remain abreast of emerging threat patterns and provide recommendations to detect threats
• Assist with patching recommendations and workarounds for zero-day threats
• Coordinate mitigation or remediation tasks with stakeholders or supporting teams
• Communicate with management on incident updates
• Monitor the SIEM and analyze security events to determine appropriate actions
• Monitor emails containing links/attachments associated with potential phishing attempts to determine appropriate actions
• Identify and tune false positives associated with current security events
• Document analytical steps and findings associated with security event investigations

Qualifications Required for Cyber Security Analyst
• 5 years of IT security experience
• Minimum 4 years of experience performing analysis on Windows and Linux/UNIX systems
• Minimum 4 years of experience and/or familiarity in the following areas:
  o Network/endpoint analysis tools
  o Scripting languages
  o Windows/Unix command line utilities
  o Reputation analysis associated with IPs, domains and email addresses
  o Ticketing systems
• Required to submit to a background examination
• Experience operating within a security application such as Kali, Metasploit, etc.

Preferred capabilities:
• Oral and written communication skills
• Ability to take ownership of incidents from acknowledgement to resolution
• Ability to initiate security event investigations
• Ability to comprehend and articulate the business impact associated with security events
• Interacting with vendors to support proofs of concept
• Proficient in Microsoft Office products: Excel, Word, Outlook, etc.
• Exposure, experience and/or knowledge of cloud technology
• Familiar with NIST 800-61 and the SANS Critical Security Controls
• Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies
• Experience with Operational Technology (OT) environments and an understanding of IT/OT convergence
  o Knowledge of ICS/SCADA protocols such as Modbus, DNP3, etc.
  o Understanding of firewalls, VLANs and DMZs specific to OT environments
  o Proficiency in using security information and event management (SIEM) systems to monitor both IT and OT networks
  o Experience with intrusion detection/prevention systems (IDS/IPS) and their application in OT environments
  o Familiarity with NIST SP 800-82

Desired certifications: 
• GIAC Security Essentials (GCIH) 
• GIAC Certified Intrusion Analyst (GCIA) 
• Security+ 
• Other certifications within IT Security 

Characteristics of a Southern Company Cyber Analyst
• Self-Motivated – Cyber Analysts do not act only when security tools trigger alerts; we are suspicious by nature and can generate security events based on self-initiated tasks.
• Perseverance – Cyber Analysts identify resources that allow us to move through or around barriers as we analyze cyber security events.
• Dependable – Cyber Analysts work within a team environment, and thus we rely on one another for knowledge-sharing and support.
• Integrity – As Cyber Analysts, our reputation is our code of ethics. We are not perfect. We admit our mistakes. We do the right thing.
• Sense of Humor – Although this may vary, just have one; I promise we can work with it. We have a lot of fun in what we do, so you will need a sense of humor to keep up.
