Offensive Security Analyst

Offensive Security Analyst Location: Georgia Power HQ (Atlanta, GA) or Alabama Power HQ (Birmingham, AL). 4 days of onsite work. Position Overview Southern Company is seeking a passionate Vulnerability Exploitation Analyst to support its Cybersecurity organization in a highly technical, hands‑on role. This position is responsible for continuously identifying, validating, and assessing security exposures to determine their potential impact to the organization. The role emphasizes contextual risk analysis—combining threat intelligence, exploitability, and asset criticality—to prioritize and elevate vulnerabilities that present meaningful risk. The analyst will support day‑to‑day CTEM operations by validating exposure paths, confirming real‑world exploit potential, and ensuring vulnerabilities are escalated to remediation owners based on demonstrated risk and business impact. Your Work Will Directly Support Exploitation evaluation and validation of vulnerabilities across enterprise systems. Attack surface reduction through proactive identification of exploitable gaps. Continuous threat validation to confirm the effectiveness of security controls and defensive measures. Qualifications Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience. 2+ years in application development, offensive security, penetration testing, or adversarial threat simulation. Demonstrated expertise in supporting vulnerability and patch management programs, enhancing application security, and conducting thorough analyses of potential exposures. Application development experience in one or more common enterprise languages or frameworks (e.g., Java, .NET, Python, JavaScript). Working knowledge of application components and dependencies, such as web frameworks, middleware, application servers, databases, message queues, identity providers, and third‑party services. Familiarity with build and runtime dependencies, including package managers (e.g., npm, pip, Maven, NuGet) and their associated security risks. Understanding of how applications interact with underlying infrastructure, including operating systems, containers, orchestration platforms, and cloud services. Strong understanding of vulnerability research, exploit chains, and post‑exploitation tactics. Deep understanding of MITRE ATT&CK, adversary TTPs, and exploit development. Proficiency in scripting languages (Python, PowerShell, Bash; PERL a plus). Knowledge of vulnerability management, attack surface management, and cloud security posture management. Familiarity with OWASP testing methodologies and common application/system vulnerabilities. Understanding of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross‑site scripting, code injection, race conditions, covert channel, replay, return‑oriented attacks). Understanding and familiarity with different operating systems (e.g., Windows and LINUX/UNIX systems). Knowledge of IT security/hardening best practices, including but not limited to operating systems, web applications, and network devices. Experience with SIEM platforms for detection validation and log analysis. Excellent communication skills for translating technical findings into business risk narratives. Ability to think like an attacker—creative, persistent, and detail‑oriented in identifying weaknesses. Ability to thrive in a fast‑paced environment, demonstrating adaptability and flexibility in response to changing priorities and emerging threats. Experience driving discussions and consensus across a broad group of stakeholders and cross‑functional teams regarding security recommendations and mitigation strategies. Demonstrates strong critical thinking and curiosity, essential for effectively analyzing and addressing security threats and vulnerabilities. Job Responsibilities Leverage knowledge of application components and dependencies to elevate vulnerabilities to remediation owners based on risk and impact. Support day‑to‑day operations of the exposure management program, including data review, report processing, and trend analysis. Track remediation of identified risks and mitigation strategies and elevate findings to key stakeholders. Analyze potential security risks, determine applicability to our environment, and conduct attack path mapping to ensure the highest risk exposures are addressed first. Research and replicate emerging exploits, vulnerabilities, and offensive techniques to assess real‑world impact. Collaborate with Threat Intelligence to align testing with current threat‑actor behaviors and campaigns. Provide actionable insights and offensive‑driven recommendations to harden systems and reduce attack surface. Maintain situational awareness of the threat landscape, including zero‑days, CVEs, and novel exploitation methods. Partner with stakeholders to prioritize remediation based on validated risk exposure and potential adversary gaps. Collaborate with peers from across the organization and maintain excellent working relationships with key partners across Technology Organization functions and business partners. Demonstrate Southern Company values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment. Job Requirements Required to submit to a thorough background examination. Ability to understand business requirements and present appropriate solutions. Ability to work independently or within a team. Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments. Solid verbal and written communication skills. Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions. Must pass NERC CIP & Insider Threat Protection background checks. One or more relevant industry certifications (i.e., OSCP, CEH, GSEC, CISSP, CISA). Occasional travel to local and regional locations in pursuit of job duties and requirements. Equal Opportunity Statement Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law. Job Identification: 19101 Job Category: Cybersecurity Job Schedule: Full time Company: Southern Company Services #J-18808-Ljbffr Cooper Lighting Solutions