Cloud Identity Security Analyst

Cloud Identity Security Analyst

 Job Description 
 

Position Summary: 

The Cybersecurity organization is seeking a Cloud Identity Security Analyst to assist in the application integration, security hardening, and tenant management duties of the cloud identity team.

                                                                                                                                        

The successful candidate will have responsibility for maintaining and advising the direction of Southern Company’s cloud-based identity providers (IDPs).  Primarily, this role will focus on Microsoft Entra ID, its integration with cloud-based apps, coordination with on-premises identity, as well as connectivity with various other cloud-based IDPs.  Qualified candidates need to be able to interact with services vendors, align strategy and execution to increase IAM maturity, anticipate future requirements for complex environments, keep up with current security trends, be focused on results, and be a self-starter.   

 

This role will directly support the company’s efforts to mitigate real and potential cyber threats to the company’s facilities, personnel, technology, operations, and brand – including critical electric and gas utility infrastructure and its privately owned telecommunications network. 

 

Southern Company is headquartered in Atlanta, and we bring energy to homes and businesses across the country. We’ve made our name as a leading producer of clean, safe, reliable and affordable energy, and we approach each day as a vital step in building the future of energy. We’re always looking ahead, and our innovations in the industry – from new nuclear to deployment of electric transportation and renewables – to help brighten the lives and businesses of millions of customers nationwide.  Our team is critical to building the future of energy with secure, resilient, and sustainable cyber solutions. 

 

Defend.  Protect. Enable.

 

Job Responsibilities:  

• Maintenance, integration, lifecycle, and future planning for Entra ID identity products. 
• Creation and lifecycle of cloud-native identities such as Service Principals and App Registrations.
• Integration of applications using cloud-native identity protocols such as SAML or OpenID.
• Implementation of new security feature sets to address modern risks such as FIDO/Passkeys.
• Consulting and hands-on with other cloud IDPs such as Google Cloud Identity, AWS IAM, Oracle IDCS.
• Triage and escalation of cloud identity issues – both with the technology and with individual business partners. 
• Build automations where possible to facilitate repeat work or reporting within the cloud environments.
• Mentoring others in the area of IAM, cloud identity, and modern authentication principles and best practices.
• Serve as a trusted advisor to our stakeholders, by designing security solutions, for improved security and business enablement. 
• Maintain various controls to meet regulatory requirements, including but not limited to Sarbanes-Oxley (SOX), FERC and NERC.
• Monitor, forecast, and prepare for new regulatory requirements or cloud technology changes.
• Aid in the development of standards and polices for the IAM program. 
• Enhance processes to facilitate improved operational efficiencies, risk mitigation, and customer interactions.
• Lead and deliver cloud identity projects in scope, on time, and within budget.   
• Provide expertise to assist in the development of Southern Company’s security architecture – identify areas of opportunity, research alternatives, and recommend solutions.

 

Requirements and qualifications:     

Required:

• Experience with managing a cloud-native Identity Provider, specifically Microsoft Entra ID.
• Experience with cloud application integrations using SAML or OpenID.
• Experience with OAuth IDs (Service Principals), their configuration, lifecycle, and long-term risk management.
• An understanding of cloud role-based access controls and their unique differences from on-prem.
• Ability to leverage user dynamic risk, progressive authentication, self-service.
• Knowledge of modern authentication methods e.g. FIDO, Biometrics, Passwordless.
• Knowledge of cloud entitlement management and best practices.
• Must pass NERC CIP & Insider Threat Protection background checks.

 

Desired:

• Technical knowledge with the following concepts: On-premises SSO, Active Directory, Privileged Account Management.
• A solid understanding of IAM related protocols and standards such as:
  SAML, OAuth/OIDC, SCIM, FIDO, RADIUS, LDAPS, Kerberos.
• Strong verbal communication, and presentation skills. 
• Competency in APIs (Rest, Graph) and/or JavaScript/Python/JSON/SQL.
• Experience prioritizing and executing with minimal direction or oversight.
• Industry certifications such as: CISSP, CCSP, CISA, GIAC, OSCP, CRISC, CCNP, etc.
• Experience with information security frameworks such as: COBIT, NIST, OWASP, etc.
• Familiarity with nation state, sophisticated criminal, and supply chain threats.

 

About Southern Company

Southern Company (NYSE: SO) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com. 

Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf. Additional and specific details about total compensation and benefits will also be provided during the hiring process.

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.