Vulnerability Engineer

JOB SUMMARY:

This position is responsible for enterprise Windows endpoint administration, with significant ownership of vulnerability remediation, security baseline management, and the ongoing health of the Southern Company PC operating system environment. The role combines deep technical execution with strategy, cross-functional leadership, and continuous improvement to keep the Windows platform secure, current, resilient, and aligned with business needs.

Responsibilities include:

• Acts as the Windows vulnerability subject matter expert, overseeing remediation processes and continuously improving enterprise vulnerability management practices

• Leads enterprise Windows OS and baseline vulnerability remediation efforts, including identification, prioritization, coordination, and validation of corrective actions

• Drives monthly patching and remediation activities for the PC environment, ensuring security updates are deployed effectively and risk is reduced in a timely manner

• Collaborates with the team to establish Windows OS standards, security baselines, and best-practice PC configurations across Southern Company

• Partners with Security, Architecture, Engineering, and Support teams to drive timely remediation of Windows OS and baseline vulnerabilities across the enterprise

• Leads coordination with architects, support personnel, project managers, solution providers, and vendors to design, prioritize, and implement secure endpoint technologies and remediation initiatives

• Evaluates emerging technologies, security capabilities, and serves as a lead resource for proofs of concept, modernization efforts, and project delivery related to the Windows platform

• Maintains current Windows OS versions, strengthens baseline compliance, and advances adoption of the latest secure operating system features and capabilities

JOB REQUIREMENTS:

Technical Skills Required

• Extensive knowledge of Windows operating systems, endpoint hardware, and enterprise desktop engineering

• Comprehensive knowledge of Southern Company software and hardware configurations, with the ability to apply standards consistently across the enterprise PC environment

• Working knowledge of network, server, and storage technologies

• Strong understanding of cybersecurity threats, vulnerability management, security baselines, and the importance of protecting the enterprise computing environment

• Ability to learn and apply modern technologies and concepts

• Ability to research solutions to problems and stay current with rapidly evolving technologies

• Excellent diagnostic, troubleshooting, analytical, and problem-solving skills

• Programming and scripting skills using system-level APIs and WMI, preferably with PowerShell, to automate remediation, configuration management, and reporting

• Experience with Windows 11 imaging, operating system deployment, baseline hardening, and patch and vulnerability remediation processes is strongly preferred

Non-Technical Skills Required

• Excellent verbal and written communication skills, including technical writing

• Works effectively in a team environment, including with geographically dispersed teams

• Ability to simplify complex subjects so they can be easily understood by non-technical audiences

• High degree of focus on quality, reliability, efficiency, risk reduction, and measurable outcomes

• Thrives in a fast-paced environment, adapts to changing priorities, and operates with minimal supervision

• Self-motivated, takes initiative, drives issues to resolution, and removes obstacles to deliver results

• Ability to assess the impact of changes, quantify risk, and make sound decisions in complex, high-visibility situations

• Travel as needed

• Excellent organizational skills and attention to detail

• Ability to manage and prioritize multiple responsibilities

Education and Experience Requirements

• A four-year bachelor’s degree in a computing or engineering field is strongly preferred

• Minimum of five years of experience in an IT-related field

MAJOR JOB RESPONSIBILITIES:

• Sets strategy, roadmaps, and standards for the Windows endpoint platform and leads the deployment of secure, scalable solutions

• Develops and executes test plans for the deployment of technology solutions, patches, configuration changes, and remediation activities

• Determines and documents strategy for the Windows OS platform, security baseline posture, and use of supporting technologies

• Serves as the subject matter expert (SME) for Windows OS and baseline vulnerability remediation, establishing standards, governance, and multi-year roadmaps; identifying and prioritizing risk; driving remediation plans; and ensuring consistent execution across Digital Workplace Technologies

• Documents products, versions, patch levels, baseline settings, detailed configurations, and architectural diagrams as needed

• Engages with architects, support personnel, project managers, solution providers, and vendors to establish clear timelines for the design and implementation of modern technologies in the production environment

• Determines detailed product configurations, hardening settings, and implementation requirements for secure and supportable endpoint operations

• Reviews communications and documentation developed by support analysts to ensure accuracy and effectiveness

• Serves as a point of escalation for second- and third-tier support analysts for systemic issues, high-priority vulnerabilities, and complex remediation challenges

• Creates and maintains support documentation and knowledge articles

• Stays current on industry trends and emerging technologies and continuously identifies opportunities to automate remediation, strengthen baselines, and improve endpoint security and operational efficiency

• Consults with business partners to provide value-added technology solutions

• Works with Technology Organization groups to enhance the user experience of products and better leverage platform capabilities

• Maintains relationships with vendors from a product roadmap and pre-sales perspective

About Southern Company

Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com .

Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf . Additional and specific details about total compensation and benefits will also be provided during the hiring process.

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.

Job Identification: 19655

Job Category: Information Technology

Job Schedule: Full time

Company: Southern Company Services

Candidate Profile

Take a few minutes to create or modify your employment profile and to specify your preferred working criteria for future openings matching your interests.

Create / access My Profile

Our Culture & Hiring Process

Learn more about Southern Company’s culture, values, and inclusion initiatives and what our hiring process looks like. You are one step closer to helping us build the future of energy!