Sr. IT Cyber Security Detection Engineer


Work location: Georgia Power Corporate Headquarters in Atlanta, GA.


This position will support our Security Operations Center (SOC) by engineering new threat detections so that our SOC analysts can monitor and respond to cyber security activity across Southern Company's IT and OT networks.

As the Senior Detection Engineer you will be responsible for developing and continuously improving detection capabilities across OT and IT networks. You'll decide where each detection is best deployed (on the security devices themselves or in the SIEMs) and build detection signatures for both on-premises and cloud environments.

You'll serve as a generalist on the Detection Engineering team, capable of quickly acclimating to new signature languages and APIs. You'll coordinate with device owners to make efficient use of device-native detections, while enriching existing detections and fortifying our environment based on the MITRE ATT&CK framework.


  • A formal education in Computer Science or a related field, or equivalent experience in IT Security related roles, is required for this position.
  • Minimum 2 years working in or supporting a Security Operations Center (SOC) required
  • Minimum 1 year of applied experience developing alerts in Microsoft Azure Sentinel (cloud SIEM) or the Splunk Enterprise Security application required
  • Minimum 2 years supporting IT infrastructure or Information Security devices/technologies
  • 1 year's experience applying the MITRE ATT&CK framework or the Lockheed Martin Cyber Kill Chain
  • Intrusion detection, ethical hacking, and monitoring certifications a plus (GCIA, CEH, GMON, OSCP, etc.)
  • Intermediate knowledge supporting Security Information and Event Management platforms such as Splunk and the Splunk Enterprise Security app
  • Intermediate experience developing and managing content within an Enterprise Security Manager application, including dashboards, risk-based alerting, active channels, reports, correlation rules, filters, trends, network models, etc.
  • Advanced knowledge of networking protocols and addressing schemes, e.g., TCP/IP functions, CIDR blocks, subnets, addressing, communications, etc.
  • Comprehensive working knowledge of Linux, Unix, and Windows operating systems
  • Scripting skills such as Perl, Python, and/or shell scripting are a plus
  • Database skills with MySQL, SQL, and Oracle are preferred
  • Experience working with regular expressions is a plus
  • Excellent problem solving and analytical skills; ability to solve complex technical issues
  • Strong customer service skills
  • Exhibit initiative, follow-up and follow-through on commitments
  • Ability to support and work in a team environment
  • Strong technical writing skills
  • Ability to manage multiple tasks and priorities in a high-pressure environment
  • Intermediate understanding of IT Security and the ability to apply risk management principles in all aspects of IT Security
  • Working knowledge of Southern Company infrastructure is a plus


  • Be a key contributing member of the use case detection strategy and lifecycle for the team
  • Utilize broad knowledge of security operations, intrusion detection, and security logging to integrate detection use cases into the environment
  • Perform tuning and root cause analysis to increase efficacy of existing use cases and reduce false positives
  • Participate in stakeholder meetings to devise use case detections for their teams
  • Provide feedback and code review of detections created by team members
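The responsibilities above describe a detection lifecycle (write a use case, map it to ATT&CK, tune it after root cause analysis, review it) without showing what the artefact looks like. The following is an added illustration, not code from Southern Company or from this posting, of one way to express that lifecycle as "detection as code" in plain Python: a rule carrying its ATT&CK technique ID, run over constructed process-creation events, and then tuned with a narrowly scoped suppression for a known false positive. The events, host names, accounts, rule name and the `TUNE-001` identifier are all made up for the example; SIEM-specific query languages (SPL, KQL) are deliberately out of scope here.

```python
"""Detection-as-code sketch: an ATT&CK-mapped rule, run over sample events,
then tuned with a documented suppression after root cause analysis.
Everything below is constructed for illustration; no real logs are used."""
import re
from dataclasses import dataclass, field
from typing import Callable, Dict, List

Event = Dict[str, str]
Predicate = Callable[[Event], bool]

# Constructed Windows process-creation events (4688-style fields), not real telemetry.
SAMPLE_EVENTS: List[Event] = [
    {"host": "ws-0113", "user": "jdoe", "parent": "outlook.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -nop -w hidden -EncodedCommand SQBFAFgAIAAoAE4AZQB3AC0A"},
    {"host": "build-02", "user": "svc_build", "parent": "jenkins.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -NonInteractive -enc JABhACAAPQAgADEAOwAgAA=="},
    {"host": "ws-0201", "user": "asmith", "parent": "explorer.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -File C:\\Scripts\\inventory.ps1"},
    {"host": "srv-sql1", "user": "dbadmin", "parent": "sqlservr.exe", "image": "cmd.exe",
     "cmdline": "cmd.exe /c whoami"},
]


@dataclass(frozen=True)
class Rule:
    name: str
    technique: str                      # MITRE ATT&CK technique ID the rule covers
    matcher: Predicate
    # Tuning exceptions keyed by a ticket-style ID so reviewers can trace the
    # root cause analysis that justified each one.
    suppressions: Dict[str, Predicate] = field(default_factory=dict)


# PowerShell accepts -e, -ec, -enc and -encodedcommand; match the common spellings.
ENCODED_FLAG = re.compile(r"(?:^|\s)-(?:e|ec|enc|encodedcommand)\s", re.IGNORECASE)


def encoded_powershell(ev: Event) -> bool:
    """T1059.001 heuristic: powershell.exe launched with an encoded command."""
    return ev["image"].lower() == "powershell.exe" and bool(ENCODED_FLAG.search(ev["cmdline"]))


ENCODED_POWERSHELL_RULE = Rule(
    name="PowerShell encoded command",   # hypothetical rule name
    technique="T1059.001",
    matcher=encoded_powershell,
)


def run_rule(rule: Rule, events: List[Event]) -> List[dict]:
    """Return one alert per event that matches and is not suppressed."""
    alerts = []
    for ev in events:
        if not rule.matcher(ev):
            continue
        if any(pred(ev) for pred in rule.suppressions.values()):
            continue
        alerts.append({"rule": rule.name, "technique": rule.technique, **ev})
    return alerts


def summarize(rule: Rule, events: List[Event]) -> Dict[str, int]:
    """Counts a detection engineer would report when tuning: raw matches,
    how many the suppressions absorbed, and what actually alerted."""
    matched = [ev for ev in events if rule.matcher(ev)]
    suppressed = [ev for ev in matched if any(p(ev) for p in rule.suppressions.values())]
    return {"matched": len(matched), "suppressed": len(suppressed),
            "alerted": len(matched) - len(suppressed)}


def tune_ci_false_positive(rule: Rule) -> Rule:
    """Root cause (constructed): the build service account runs encoded
    scripts from jenkins.exe. The exception is scoped to parent AND account,
    not to the whole host, so an intruder on build-02 spawning PowerShell from
    anything else still alerts. Returns a new Rule; the original is untouched."""
    def jenkins_build_account(ev: Event) -> bool:
        return ev["parent"] == "jenkins.exe" and ev["user"] == "svc_build"

    # "TUNE-001" is a hypothetical tracking ID for the tuning change.
    return Rule(rule.name, rule.technique, rule.matcher,
                {**rule.suppressions, "TUNE-001": jenkins_build_account})


if __name__ == "__main__":
    before = summarize(ENCODED_POWERSHELL_RULE, SAMPLE_EVENTS)
    tuned = tune_ci_false_positive(ENCODED_POWERSHELL_RULE)
    after = summarize(tuned, SAMPLE_EVENTS)
    print("before tuning:", before)
    print("after tuning: ", after)
    for alert in run_rule(tuned, SAMPLE_EVENTS):
        print(f"[{alert['technique']}] {alert['rule']}: {alert['host']} {alert['user']} {alert['cmdline']}")
```

The point of returning a new `Rule` from the tuning step rather than mutating the original is that both versions can be run over the same event set side by side, which is the evidence a reviewer wants when signing off that a suppression removed the false positive without removing the true positive.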



This information describes the general nature and level of work performed by employees in this job. The description is not designed to be a comprehensive inventory of duties, responsibilities and qualifications required in the job. Reasonable accommodations may be made to qualified disabled individuals for performance of essential duties and responsibilities.

Southern Company (NYSE: SO) is America's premier energy company, with 46,000 megawatts of generating capacity and 1,500 billion cubic feet of combined natural gas consumption and throughput volume serving 9 million customers through its subsidiaries. The company provides clean, safe, reliable and affordable energy through electric operating companies in four states, natural gas distribution companies in seven states, a competitive generation company serving wholesale customers across America and a nationally recognized provider of customized energy solutions, as well as fiber optics and wireless communications. Southern Company brands are known for excellent customer service, high reliability and affordable prices that are below the national average. Through an industry-leading commitment to innovation, Southern Company and its subsidiaries are inventing America's energy future by developing the full portfolio of energy resources, including carbon-free nuclear, 21st century coal, natural gas, renewables and energy efficiency, and creating new products and services for the benefit of customers. Southern Company has been named by the U.S. Department of Defense and G.I. Jobs magazine as a top military employer, recognized among the Top 50 Companies for Diversity by DiversityInc, listed by Black Enterprise magazine as one of the 40 Best Companies for Diversity and designated a Top Employer for Hispanics by Hispanic Network. The company has earned a National Award of Nuclear Science and History from the National Atomic Museum Foundation for its leadership and commitment to nuclear development and is continually ranked among the top energy companies in Fortune's annual World's Most Admired Electric and Gas Utility rankings. Visit our website at .

Southern Company is an equal opportunity employer where an applicant’s qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Field: Information Technology

Job Type: Standard

Primary Location: Georgia-Metro Atlanta-Atlanta

Operating Company: Southern Company Services

Travel (Up to…): No

Work Location(s):

Georgia Power Headquarters – 241 Ralph McGill Blvd. NE (241ATLANTA)

241 Ralph McGill Blvd. NE

Atlanta, 30308

Req ID: SCS2010350
