Southern Company Information Security Engineer in Atlanta, Georgia

Information Security Engineer



This position’s primary responsibility will be administering and supporting the Database Activity Monitoring technology used for monitoring, investigating, and responding to cyber security activity across the Southern Company’s network. In addition, this position, as part of a support team, will also share in the support of additional IT security technologies leveraged by our Security Operations Center. Security technologies include but are not limited to Security Information and Event Management (SIEM), Splunk, Netflow, malware analysis systems, and full packet capture.

This position works with other SIEM SMEs and IT security technology support SMEs to ensure the database activity monitoring technology is integrated and fully utilized as intended in the protection of Southern Company’s cyber related assets.


  • Database administration experience required

  • Minimum 3 years’ experience in in SQL or Oracle database administration with an understanding of the underlying business processes

  • Experience with implementation, integration, and administration of database activity monitoring security applications within enterprise environments is desirable

  • Experience with Database Activity Monitoring Operational tasks – Defining User Management, Policy, Alert and Report Definition and Management, Life Cycle Management covering Patch Management, Data Flow and Incident Analysis

  • Strong knowledge of Database concepts such as SQL (DML/DQL/DCL) and clustering with a desire to work with database security technologies.

  • Experience supporting Security Information and Event Management products, such as Connectors, Logger, and Enterprise Security Manager (ESM) - ArcSight, QRadar, RSA Envision, or Splunk, etc desired.

  • Knowledge of networking protocols and addressing schemes, i.e., TCP/IP functions, CIDR blocks, subnets, addressing, communications, layer 2, netflow, etc.

  • Comprehensive working knowledge of Linux, Unix, and Windows OS.

  • Scripting skills such as Perl, Python, and/or Shell scripting are a plus.

  • Strong customer service and verbal communication skills

  • Exhibit initiative, follow-up and follow through with commitments

  • Ability to support and work in a team environment

  • Technical writing skills for documentation purposes

  • Ability to manage multiple tasks and priorities in a high pressure environment

  • Understanding of IT Security and the ability to apply risk management principles in all aspects IT Security is a plus

  • Experience with and ability to maintain confidentiality of data

  • A formal education in Computer Science or a related field, or equivalent experience in Database administration related roles is required for this position.

  • Must comply with any regulatory requirements and be cleared by Southern Company’s Insider Threat Program


  • Work as technical lead/SME in Database Activity Monitoring engagements

  • Implementation & integration of Database Activity Monitoring solutions (IBM InfoSphere Guardium)

  • Strong communication ability in order to effectively work with Database Administrators and Application developers in order to distinguish normal database activity versus abnormal activity.

  • Work on planning, design, implementation of Database Auditing and Monitoring, Guardium Appliance Sizing and Architecture, User Management, Policy, Alert and Report Definition and Management, Guardium Life Cycle Management.

  • Perform Privileged Access alerting, Compliance Reporting, Access Control Processes and other associated tasks with Database Auditing and Monitoring.

  • Act as mentor & conduct knowledge sharing session with the team.

  • Troubleshooting and resolution of incidents, working to meet SLA’s.

  • Alert management of Guardium Infrastructure through tools and systems as per the availability

  • Perform administrative functions managing our Arcsight SIEM environment.

  • As part of a team, provide operational support of a tiered ArcSight SIEM to include; ArcSight ESM, Connector appliances, SmartConnectors, Logger appliances, Windows and Linux servers and a variety of network and security related devices.

  • Perform routine equipment checks, upgrades, and preventative maintenance for our IT Security infrastructure.

  • Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business unit stakeholder SMEs.

  • Establish and maintain positive relationships/partnerships with appropriate vendors.


With 4.4 million customers and more than 46,000 megawatts of generating capacity, Atlanta-based Southern Company is the premier energy company serving the Southeast through its subsidiaries. A leading U.S. producer of clean, safe, reliable and affordable electricity, Southern Company owns electric utilities in four states and a growing competitive generation company, as well as fiber optics and wireless communications. Southern Company brands are known for energy innovation, excellent customer service, high reliability and retail electric prices that are below the national average. Southern Company and its subsidiaries are leading the nation's nuclear renaissance through the construction of the first new nuclear units to be built in a generation of Americans and are demonstrating their commitment to energy innovation through the development of a state-of-the-art coal gasification plant. Southern Company has been recognized by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer and listed by DiversityInc as a top company for Blacks. The company received the 2012 Edison Award from the Edison Electric Institute for its leadership in new nuclear development, was named Electric Light & Power magazine's Utility of the Year for 2012 and is continually ranked among the top utilities in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Field: Information Technology

Job Level: Individual Contributor

Primary Location: Georgia-Metro Atlanta-Atlanta

Operating Company: Southern Company Services

Travel (Up to...): No

Work Location(s):

Georgia Power Headquarters - 241 Ralph McGill Blvd. NE (241ATLANTA)

241 Ralph McGill Blvd. NE

Atlanta, 30308

Req ID: SCS2006344