Offensive Security Analyst

About The Position

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience
• 2+ years in application development, offensive security, penetration testing, or adversarial threat simulation
• Demonstrated expertise in supporting vulnerability and patch management programs, enhancing application security, and conducting thorough analyses of potential exposures
• Application development experience in one or more common enterprise languages or frameworks (e.g., Java, .NET, Python, JavaScript)
• Working knowledge of application components and dependencies, such as web frameworks, middleware, application servers, databases, message queues, identity providers, and third‑party services
• Familiarity with build and runtime dependencies, including package managers (e.g., npm, pip, Maven, NuGet) and their associated security risks
• Understanding of how applications interact with underlying infrastructure, including operating systems, containers, orchestration platforms, and cloud services
• Strong understanding of vulnerability research, exploit chains, and post-exploitation tactics.
• Deep understanding of MITRE ATT&CK, adversary TTPs, and exploit development.
• Proficiency in scripting languages (Python, PowerShell, Bash; PERL a plus).
• Knowledge of vulnerability management, attack surface management, and cloud security posture management
• Familiarity with OWASP testing methodologies and common application/system vulnerabilities.
• Understanding of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, code injection, race conditions, covert channel, replay, return-oriented attacks)
• Understanding and familiarity with different operating systems (e.g., Windows and LINUX/UNIX systems)
• Knowledge of IT security / hardening best practices; including but not limited to operating systems, web applications, and network devices.
• Experience with SIEM platforms for detection validation and log analysis.
• Excellent communication skills for translating technical findings into business risk narratives.
• Ability to think like an attacker—creative, persistent, and detail-oriented in identifying weaknesses.
• Ability to thrive in a fast-paced environment, demonstrating adaptability and flexibility in response to changing priorities and emerging threats.
• Experience driving discussions and consensus across a broad group of stakeholders and cross functional teams regarding security recommendations and mitigation strategies.
• Demonstrates strong critical thinking and curiosity, essential for effectively analyzing and addressing security threats and vulnerabilities.
• Required to submit to a thorough background examination
• Ability to understand business requirements and present appropriate solutions
• Ability to work independently or within a team
• Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments
• Solid verbal and written communication skills
• Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions
• Must pass NERC CIP & Insider Threat Protection background checks
• One or more relevant industry certifications (i.e., OSCP, CEH, GSEC, CISSP, CISA)
• Occasional travel to local and regional locations in pursuit of job duties and requirements

Responsibilities

• Leverage knowledge of application components and dependencies to escalate vulnerabilities to remediation owners based on risk and impact.
• Support day-to-day operations of the exposure management program, including data review, report processing, and trend analysis. Track remediation of identified risks and mitigation strategies and escalate findings to key stakeholders.
• Ability to analyze potential security risks, determine applicability to our environment, and conduct attack path mapping to ensure the highest risk exposures are being addressed first.
• Research and replicate emerging exploits, vulnerabilities, and offensive techniques to assess real world impact.
• Collaborate with Threat Intelligence to align testing with current threat actor behaviors and campaigns.
• Provide actionable insights and offensive-driven recommendations to harden systems and reduce attack surface.
• Maintain situational awareness of the threat landscape, including zero-days, CVEs, and novel exploitation methods.
• Partner with stakeholders to prioritize remediation based on validated risk exposure and potential adversary gap.
• Collaborate with peers from across the organization and maintain excellent working relationships with key partners across Technology Organization functions and business partners.
• Demonstrate Southern Company values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment

Benefits

• competitive base salary
• annual incentive awards for eligible employees
• health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being
• incentive program