Manager, Insider Threat Analysis Center

Manager, Insider Threat Analysis Center

Schedule: M-F

Location: Atlanta or Birmingham

POSITION SUMMARY:

A leading U.S. energy company seeks an experienced cybersecurity professional to join our Insider Threat Program as a technical manager. The candidate will directly support the company’s efforts to address real and potential insider threats to the company’s facilities, personnel, technology, operations, and brand. The selected candidate will manage a team of 6 analysts in: 1) serving as first line HR manager, 2) coordinating programmatic elements with other company stakeholders, 3) advancing technical capabilities, 4) overseeing the analytical work of the team.

The Manager will leverage his/her prior experience working in an Insider Threat program, leading others, managing cybersecurity projects, program management, and threat analysis to identify and track potential insider risk activity. The successful applicant should have a demonstrable track record of successfully teaming with other organizational components to identify and mitigate risk in both the technology and human domains. The Manager will deliver clear and concise assessments, briefings, and reports to partners and executive leadership. The Manager will also need to understand operational risks at the corporate level and develop relationships across the company that will support coordinated response strategies based on the company’s Insider Threat Program plan.

RESPONSIBILITIES:

• First-line manager for insider threat analysts, including hiring, role assignment, policy adherence, promotions, salary, and performance reviews
• Supervise the day-to-day operations of the team
• Lead efforts to monitor and track activity that crosses risk thresholds and conduct inquiry to classify activity for further investigation and resolution
• Lead the deployment of innovative data correlation tools and practices
• Oversee IT projects to create new capabilities
• Prepare and execute department budget
• Ensure the team documents and presents findings and improves existing methodologies for technical threat assessment
• Understand and utilize relevant data sets, analytic techniques, and visualization tools to assimilate and interpret sources from across the company and identify potential insider threat behavior
• Compare analytic results against known tactics, techniques and procedures historically associated with advanced insider threats
• Communicate alerts on potential insider activity to cross-functional teams
• Coordinate with working-level stakeholders from key organizations such as human resources, general counsel, compliance, etc. for information sharing, situational awareness and determination of responsive action on insider threats
• Develop the implementation of workflows for insider threat evaluations
• Lead the production of defined-scope threat assessments to assist in mitigating identified insider vulnerabilities
• Provide operational and programmatic briefings to management
• Support definition, monitoring, and reporting of effectiveness metrics on an ongoing basis

REQUIREMENTS:

• Demonstrable experience leading or building an Insider Threat Program
• Prior experience leading a team of individual contributors
• Proven understanding of best practices for detecting and classifying insider threats
• Conversancy with behaviors and indicators associated with insider threats
• Experience leading the enterprise deployment of new analytic tools such as data loss prevention or user behavior analytics
• Demonstrated expertise using multiple analytic methodologies, programs, and tools in support of cyber and human threat analysis
• Independent leader with strong analytical and problem-solving skills
• Experience communicating with senior stakeholders inside and outside the company
• Familiarity with global threats to the energy sector
• Insider Threat or Information Security certification such as ITPM or CISSP preferred

Southern Company is a leading energy provider serving 9 million residential and commercial customers across the Southeast and beyond through its family of companies. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy infrastructure company with national capabilities, a fiber optics network, and telecommunications services. Through an industry-leading commitment to innovation, resilience, and sustainability, we are taking action to meet our customers’ and communities’ needs while advancing our commitment to net zero emissions by 2050.

Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s).

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Identification: 10002

Job Category: Cybersecurity

Job Schedule: Full time

Company: Southern Company Services