Qualified candidates need to be able to interact with services vendors, align strategy and execution to reduce risk, anticipate future requirements for complex environments, keep up with current security trends, be focused on results, and be a self-starter.     

This role will directly support the company’s efforts to mitigate real and potential cyber threats to the company’s facilities, personnel, technology, operations, and brand – including critical electric and gas utility infrastructure and its privately owned telecommunications network.   

Southern Company is headquartered in Atlanta, and we bring energy to homes and businesses across the country. We’ve made our name as a leading producer of clean, safe, reliable and affordable energy, and we approach each day as a vital step in building the future of energy. We’re always looking ahead, and our innovations in the industry – from new nuclear to deployment of electric transportation and renewables – to help brighten the lives and businesses of millions of customers nationwide.  Our team is critical to building the future of energy with secure, resilient, and sustainable cyber solutions.   

Defend.  Protect.  Enable. 

Job Responsibilities:  

Administer, maintain, and optimize CyberArk components: Vaults, PSM, PSMP, CPM, and associated infrastructure (physical and virtual machines). 

Ensure high availability, disaster recovery, and backup strategies for CyberArk systems. 

Perform upgrades, patching, and lifecycle management of CyberArk applications. 

Integrate new applications and platforms with CyberArk for secure credential management and session monitoring. 

Enforce the principle of least privilege across privileged accounts and access workflows. 

Monitor, triage, and escalate CyberArk-related issues, working with technology teams and business partners. 

Implement and maintain security controls to meet regulatory requirements (e.g., SOX, NERC, FERC). 

Develop and maintain operational documentation, standards, and policies for PAM. 

Participate in audits and compliance activities related to privileged access. 

Mentor team members and stakeholders on CyberArk and PAM best practices. 

Stay current with CyberArk product updates, security trends, and emerging threats. 

Lead and deliver CyberArk-related projects on time and within scope. 

Provide expertise to enhance the organization’s security architecture and recommend improvements. 

Requirements and qualifications:  

Required:

Hands-on experience administering and supporting CyberArk PAM solutions (Vault, PSM, PSMP, CPM). 

Strong understanding of privileged access management concepts and the principle of least privilege. 

Experience with infrastructure management (Windows/Linux servers, virtualization platforms). 

Familiarity with high availability, disaster recovery, and backup strategies for enterprise applications. 

Ability to troubleshoot, resolve, and escalate complex technical issues – CyberArk or otherwise. 

Must pass NERC CIP & Insider Threat Protection background checks. 

Desired:

Experience integrating applications and platforms with CyberArk. 

Technical knowledge of Active Directory, PKI, and related authentication technologies. 

Familiarity with scripting and automation (PowerShell, Python, etc.). 

Industry certifications such as: CyberArk Defender, CyberArk Sentry, CISSP, CISA, GIAC, etc. 

Experience with information security frameworks (COBIT, NIST, OWASP). 

Knowledge of regulatory frameworks and compliance requirements (SOX, NERC, FERC). 

Strong verbal communication and presentation skills. 

Experience prioritizing and executing with minimal direction or oversight. 

Familiarity with advanced threat actors and supply chain risks. 

Location: Georgia Power HQ - Atlanta, GA. or Alabama Power HQ - Birmingham, AL.