Risk & Compliance Analyst, I or II
Southern CompanySCS Cybersecurity
GRC Analyst
Job Description:
This Governance, Risk, & Compliance (GRC) Analyst is junior hybrid role reporting directly to the Company’s Cybersecurity Assurance Senior Manager. He/she will be responsible for both supporting our Security Architecture Review process and our maintenance of the Cybersecurity Risk Register. He/she will combine general cybersecurity and technology domain knowledge to evaluate and manage risk for both (a) technology solutions submitted for security design review and (b) security hardening opportunities identified by the security operations center, red team, 3rd party assessors, and technology stewards. We’re looking for an avid learner and tinkerer with high initiative and technical aptitude who wants to break into the Cyber field!
Position Overview:
Southern Company, a major U.S. energy firm, is seeking an aspiring cybersecurity professional to reduce risk as part of the Cyber Security Assurance Team. This role will directly support the Company’s efforts to mitigate real and potential cyber threats to the Company’s facilities, personnel, technology, operations, and brand – including critical electric and gas utility infrastructure and its privately owned telecommunications network. This is a junior hybrid role that will provide the applicant with broad exposure to our multiple technology environments, industry-leading security tool sets, and numerous critical business processes. Under mentorship, a successful applicant in this role will make significant contributions to the Cybersecurity team while building a strong foundation for future growth and responsibility at Southern. In-office presence is expected initially once a week either in Atlanta or Birmingham, growing to four days a week in spring of 2026.