
Southern Company
We support 9 million customers and businesses nationwide with electric utilities in three states and natural gas distribution utilities in four, and provide wholesale energy, customized distributed energy solutions and fiber optics and wireless communications across the country.
Job Specifications
Birmingham, AL
4 hours ago
Last Jobs You Viewed
Business Information Security Liaison
Job Description: Business Information Security Liaison
Grade: 6
Schedule: M-F
Location: Hybrid: Primarily in office, Atlanta or Birmingham (4 days onsite)
Position Summary:
We are seeking a Business Information Security Liaison (BISL) to serve as the strategic cybersecurity partner for our Human Resources organization within one of the nation's largest energy/utility and critical infrastructure companies. This role is responsible for building trusted relationships with business leaders, technology teams, and cybersecurity professionals to proactively identify, communicate, and reduce security risk across HR processes, technologies, and initiatives. The BISL acts as the bridge between business and security, ensuring that sensitive employee and enterprise information is protected while enabling business objectives, transformation efforts, and innovation.
The ideal candidate brings a strong foundation in cybersecurity, risk management, and security strategy, combined with exceptional communication skills. This individual will drive meaningful risk reduction through collaboration, partnership, and business alignment. Success in this role requires the ability to translate complex security concepts into business terms, influence decision-making at all organizational levels, and champion security practices that strengthen resilience, protect critical information assets, and support the mission of a company that powers communities and critical services across the United States.
Job Responsibilities:
- Serve as a trusted advisor to our stakeholders, by designing security solutions, for better security and business enablement.
- Design and implement guardrails to secure modern networks and infrastructure with a variety of vendors and device types
- Continuously seek opportunities to enhance the security posture of HR infrastructure and technologies, including but not limited to: Identity & Access Management (IAM), Cloud Security Posture Management (CSPM), Data Loss Prevention (DLP)
- Align forward thinking strategy with business goals to integrate and raise the bar on security practices and solutions.
- Assist in the ongoing development of Southern Company’s security architecture – identify areas of opportunity, research alternatives, and recommend solutions.
- Develop creative solutions to meet business needs while ensuring appropriate security controls and best practices are implemented.
- Partner with others to identify and resolve information security issues.
- Plan, coordinate, and lead information security projects.
- Help customers understand and apply information security concepts, processes, and technologies.
- Maintain current knowledge of information security and cybersecurity concepts, technologies, and practices.
- Mentor others to strengthen cybersecurity principles and best practices to outside operational areas.
- Establish and maintain excellent working relationships and partnerships across the Technology Organization, business partners, and external vendors and suppliers.
- Create an environment that fosters accountability, innovation, and engagement at all levels.
Requirements and qualifications:
Minimum
- Working knowledge of information technology and cloud network design and practice.
- Hands-on experience designing, architecting, and implementing various information security tools/products such as PKI, Full Packet Capture, Next-Generation Firewalls, HSM’s, SIEM, Multi-Factor Authentication, IDS/IPS, Database Encryption, Privileged Identity Management, Cloud Posture Management, etc.
- Competency in APIs (Rest, Graph), VMware, and/or cloud environments.
- Experience promoting security as a business enablement function using influence, metrics, documentation, strong verbal communication, and presentation skills.
- Working knowledge of cloud and traditional security network architectures.
- Ability to lead a project from concept through implementation and anticipate potential problems.
- Experience prioritizing and executing with minimal direction or oversight.
- Ability to perform detailed information security risk assessments and recommend mitigating controls.
- Must pass NERC CIP & Insider Threat Protection background checks.
Preferred Qualifications
- Experience with Oracle Cloud Infrastructure.
- Technical knowledge of various cloud providers and vendor platforms including Oracle, Google, Azure etc.
- Industry certifications such as: CISSP, CCSP, CISA, GIAC, OSCP, CRISC, CCNP, etc.
- At least 5 years of experience playing a key role in building technical programs.
- Experience with information security frameworks such as: NIST, OWASP, etc.
- Familiarity with nation state, sophisticated criminal, and supply chain threats.
- Up-to-date knowledge of current hacking techniques, vulnerability disclosures, and data breach incidents.
- Experience with cybersecurity analysis and analytic tradecraft.
About Southern Company
Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 20143
Job Category: Cybersecurity
Job Schedule: Full time
Company: Southern Company Services