Data Security Program Manager

Southern Company•Atlanta, GA

About The Position

Southern Company is seeking a highly organized, execution‑focused Data Security Program Manager to help drive delivery and operational effectiveness of the enterprise Data Security Program. This role will report to the Sr Manager of Data Security and will serve as the program’s operational lead, ensuring strategic priorities are translated into clear plans, measurable outcomes, and reliable execution. This position directly supports Southern Company’s mission to mitigate real and potential cyber risks to its critical electric and gas utility infrastructure, operational technology environments, enterprise IT systems, personnel, customers, and brand. The role partners closely with Cybersecurity, Technology, Legal, Privacy, Compliance, HR, and business stakeholders to enable cross‑functional alignment and consistent delivery. The Data Security Program Manager will coordinate work across data discovery/classification, Data Loss Prevention (DLP), Data Security Posture Management (DSPM), encryption initiatives, and data misuse detection/response. Success in this role requires strong program management fundamentals—planning, governance, stakeholder management, metrics, and continuous improvement—combined with the ability to operate in a highly regulated, mission‑critical enterprise environment. This role drives disciplined execution through clear roadmaps, defined milestones, and outcome‑based measurement to ensure predictable delivery and continuous program maturity.

Requirements

Proven experience managing cybersecurity or technology programs for large‑scale enterprise initiatives.
5+ years of experience in program management, cybersecurity operations, or technology delivery roles.
Experience coordinating or supporting data security capabilities such as data classification, DLP, DSPM, encryption, or insider/data misuse programs.
Strong understanding of data protection concepts across on‑prem, cloud, SaaS, and endpoint environments.
Demonstrated ability to manage cross‑functional workstreams, dependencies, and competing priorities.
Strong communication and organizational skills, with the ability to produce executive‑ready status updates and reporting.
Ability to operate effectively in a matrixed organization without direct authority.
Must pass NERC CIP & Insider Threat Protection background checks.

Nice To Haves

Experience supporting or coordinating Data Loss Prevention (DLP) or data classification programs.
Familiarity with Data Security Posture Management (DSPM) concepts and workflows.
Experience developing program dashboards, KPIs, and operational reporting.
Experience coordinating security initiatives with SOC, Incident Response, or GRC teams.
Familiarity with Zero Trust data security principles.
Experience supporting or securing critical infrastructure environments.
Working knowledge of encryption technologies and secure data handling practices.

Responsibilities

Execute the enterprise Data Security Program roadmap in alignment with direction set by cybersecurity leadership.
Manage integrated program plans across data classification, DLP, DSPM, encryption, and data misuse detection initiatives, including milestones, dependencies, risks, and delivery timelines.
Establish and maintain program operating rhythms, including status reporting, risk and issue management, and action item tracking.
Implement and maintain operating models, workflows, and procedures to support effective and repeatable data security program execution.
Coordinate cross‑functional delivery efforts across Cybersecurity, Technology, Legal, Privacy, Compliance, HR, and business teams to ensure alignment and timely execution.
Ensure initiatives are operationally ready prior to scale or enforcement, including documented processes, runbooks, escalation paths, and communications.
Support enterprise efforts to identify, define, and govern sensitive data, including coordination of data classification and labeling adoption activities.
Drive ongoing maturity of DLP and DSPM capabilities by coordinating tuning, coverage expansion, reporting, and remediation workflows to improve visibility, reduce false positives, and minimize business disruption.
Coordinate remediation activities for identified data security risks, including over‑permissive access, unprotected data stores, and risky data movement.
Partner with SOC and Incident Response teams to support data security alert triage, investigation workflows, and escalation processes.
Develop and maintain program metrics, dashboards, and reporting related to delivery progress, operational effectiveness, and program outcomes.
Support governance, change management, and exception processes for data protection policies and enforcement actions.
Promote a culture of accountability, collaboration, and continuous improvement across program stakeholders.

Benefits

Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being.
This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s).
A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf
Additional and specific details about total compensation and beneﬁts will also be provided during the hiring process.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume