Risk and Compliance Analyst

Overview

Risk and Compliance Analyst role at Southern Company within the Technology Organization. This position supports technology risk management and compliance activities for the SCS Technology Organization to ensure appropriate controls and demonstrable compliance with internal and external requirements, including NERC CIP, TSA SD, and SOX. Occasional overnight travel may be required.

Location:

Birmingham (APC headquarters) or Atlanta (GPC headquarters).

• Serve as support for technology risk and control activities for internal and external stakeholders related to applicable compliance programs.
• Facilitate the execution of the Technology Organization’s patch and vulnerability management review processes in support of compliance.
• Support the implementation of new compliance requirements impacting the Technology Organization.
• Manage work practices documentation in support of applicable compliance programs.
• Facilitate new training opportunities and refresh current training.
• Support routine audits of applicable compliance programs by internal and external audit teams.
• Assist with monthly, quarterly, annual, and other periodic control reviews to support regulatory compliance requirements.
• Report and investigate instances of potential non-compliance and develop and track mitigation plans to completion as necessary.
• Collaborate with other Compliance Coordinators to meet team goals and assist with compliance issues as workload dictates.
• Build and sustain strong working relationships across the Technology Organization and Southern Company.
• Perform internal control monitoring and testing of the Technology Organization’s compliance programs.
• Manage projects and other assigned responsibilities to meet deadlines.

• BS/BA Degree in Computer Science / Information Security / Information Systems or related field preferred.

• Prior Technology Security, Server Support and/or internal controls experience not required but preferred.

• Technology controls and processes
• Compliance frameworks
• Knowledge of power utility equipment and Cyber Assets associated with the Bulk Power System

• Positive attitude, team player and creative problem-solving skills
• Detail-oriented in a fast-paced environment
• Strong oral and written communication skills usable at all levels
• Ability to influence across multiple teams and ensure program needs are met through collaboration
• Strong analytical skills
• Effective time management and good business judgment
• Ability to multi-task and manage multiple projects
• Strong decision-making capabilities with consideration of costs and benefits
• Ability to translate deep technical concepts for non-technical audiences
• Understanding of business needs and commitment to delivering high-quality, prompt service
• Ability to gather and assess information as done in internal audits, investigations, QA reviews, etc.

Southern Company (NYSE: SO) is a leading energy provider serving 9 million customers across the Southeast and beyond. We provide clean, safe, reliable and affordable energy with excellent service. Our footprint includes electric operating companies in multiple states, natural gas distribution companies, a competitive generation company, a distributed energy solutions provider, a fiber optics network, and telecommunications services. We are committed to innovation, resilience and sustainability, including a goal of net-zero greenhouse gas emissions by 2050.

We emphasize values that put customers first and maintain a culture recognized by various awards. Visit  for more information.

Southern Company is an equal opportunity employer. Qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.