Insider Threat Fusion Center Analyst - Birmingham, United States - Southern Company



    POSITION SUMMARY:
    Is curiosity your primary talent?

    Do you have a passion for finding bad guys?

    Is your ideal career at the intersection of technology and the people who use it?

    A leading U.S. energy company seeks an inquisitive expert to join our Insider Threat Fusion Center (FC) in a technical analyst role.

    The candidate will directly support the company's efforts to address potential insider threats to the company's facilities, personnel, technology, operations, and brand.


    The successful applicant will leverage analytical skills to identify and track potential insider threat activity, develop content specific to technical sabotage against critical systems, conduct research on behalf of the team, and help ensure that capabilities are effectively implemented.

    The Analyst will learn to use statistical techniques, machine learning capabilities and artificial intelligence tools to identify and analyze suspicious behavior.


    Ideally, the candidate will also bring experience bridging the gap between cyber-physical security and the engineering or operation of industrial control systems.

    Example competencies include familiarity with Distributed Control Systems (DCS) and Supervisory Control & Data Acquisition (SCADA) architecture.


    RESPONSIBILITIES:
    Triage alerts by conducting limited inquiry to classify activity for further investigation and resolution

    Interpret relevant data sets, use techniques, and manipulate tools to identify potential insider threat behavior and risks

    Handle confidential situations and data with appropriate discretion

    Implement best practices for tuning analytic technologies to maximize probability of detection while minimizing false positives

    Improve existing methodologies for technical threat assessment

    Train other Fusion Center analysts on developed analytical processes

    Support day-to-day operations related to the Insider Threat Program

    Stay current on relevant technologies as assigned

    If applicable, leverage ICS knowledge and experience to develop content specific to sabotage

    If applicable, enhance bench strength by sharing ICS related knowledge with team members


    REQUIREMENTS:
    Minimum

    Understanding of best practices for detecting, identifying and classifying insider or cyber threats

    Intellectual curiosity to find solutions

    Excellent problem solving and analytical skills; ability to solve complex technical issues

    Familiarity using multiple analytic methodologies, programs, and tools in support of cyber and human threat analysis

    2-3 years of prior experience working in an operational environment such as a Security Operations Center

    Strong communication skills; ability to successfully communicate analytic results

    Ability to prioritize work and complete assignments under supervision

    Preferred

    BA/BS in computer science, data science, engineering, mathematics, or security-related field or equivalent experience

    Experience building content, alerts, and workflows utilizing the Splunk toolset

    Proficient in Splunk Language (SPL)

    Familiarity with global threats to the energy sector


    Demonstrated knowledge of implementing security solutions for Industrial Control Systems (ICS) in critical infrastructure, such as electric utilities, oil & gas, etc.


    WHAT WE OFFER YOU:
    A world-class team whose foundational values are collaboration and excellence

    Endless challenges at the cutting edge of insider threat detection and mitigation

    The freedom and independence to let your talents shine


    Southern Company (NYSE: SO) is a leading energy provider serving 9 million residential and commercial customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission.

    The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy infrastructure company with national capabilities, a fiber optics network, and telecommunications services.

    Through an industry-leading commitment to innovation, resilience, and sustainability, we are taking action to meet our customers' and communities' needs while advancing our commitment to net zero emissions by 2050.

    Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success.

    We are transforming energy into economic, environmental and social progress for tomorrow.

    Our corporate culture and hiring practices have earned the company national awards and recognition from numerous organizations, including Forbes, Military Times, DiversityInc, Black Enterprise, J.D. Power, Fortune, Human Rights Campaign and more. To learn more, visit


    Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

    Job Identification: 4628


    Job Category: Cybersecurity

    Job Schedule: Full time

    Company: Southern Company Services
