Job Description

EMS is hiring a Compliance Analyst professional for its Energy Management Systems department. This role will contribute and influence through active participation in internal and external audits, compliance with standards such as Sarbanes Oxley, Separation Protocol, NERC CIP, and internal policies, provide backup support within the compliance team, and collaborate as needed to ensure organizational compliance with key regulatory and internal standards.

The Energy Management System (EMS) is critical to the reliability, security, and operational integrity of the transmission network. This role plays a key part in ensuring EMS remains compliant, resilient, and audit‑ready in an increasingly complex regulatory and technical environment.

By partnering closely with engineering, operations, audit, and compliance teams, this position helps translate regulatory requirements into practical, sustainable controls that support both compliance and operational effectiveness. The work performed in this role directly contributes to risk reduction, regulatory confidence, and the continued reliability of systems that support safe and dependable energy delivery.

This is an opportunity to influence how compliance is embedded into daily operations, improve processes through automation and efficiency, and help shape a strong risk and compliance culture within a mission‑critical organization. The desirable candidate will have an optimal mix of technical knowledge and auditing experience. Technical knowledge should include the ability to evaluate technology, creation of scripting or use of tools to gather evidentiary information. The capability to analyze business processes and facilitate the implementation of enhancements that increase efficiency and productivity is essential. The compliance team operates on the foundation of robust collaboration and effective teamwork.

This position will provide practical, hands-on change management support for EMS. Leveraging standard change management process and tools, the analyst may participate in many change management tasks such as planning and executing communications, process evaluations, and other change management related work.

Key Responsibilities (not exclusive):

Risk and Controls
Provide guidance to stakeholders on risk and control matters to support clear understanding and effective implementation. Support the design, monitoring, and testing of EMS internal controls in partnership with internal teams and auditors. Identify control gaps, coordinate remediation efforts, and develop automated controls where appropriate.

Compliance and Audit Coordination
Serve as a representative for EMS in internal and external audits and compliance activities. Collaborate closely with audit, compliance, and EMS teams to support effective audit execution and governance initiatives. Contribute to enterprise compliance efforts impacting EMS and respond to business information and benchmarking requests.

Compliance Tools Support
Maintain a strong working relationship with the Cool Compliance support team to ensure effective technical support and ongoing use of the tool within EMS.

Risk Assessment
Coordinate and track risk assessments for new EMS applications, software, and supporting infrastructure. Work with internal and external stakeholders to ensure timely completion and support the evaluation and mitigation of identified risks.

Policy and Standards Development
Assist in the development and documentation of EMS policies, standards, procedures, and work practices. Partner with Compliance, Internal Audit, and business stakeholders to ensure alignment with established control requirements and promote cross-functional collaboration.

Reporting and Metrics
Prepare concise, business-focused summaries and support the development of metrics used by leadership to measure EMS performance and compliance effectiveness.

Operational Efficiency and Automation
Identify and recommend opportunities to streamline or automate risk and compliance activities to improve efficiency and reduce manual effort.

Business Continuity and Recovery
Support the maintenance, testing, and documentation of EMS business continuity and disaster recovery plans. Coordinate reviews with system owners to validate recovery objectives, track improvements, and update plans following organizational changes or disruptive events. Promote proactive risk management and organizational resilience.

IT Service Management (ITSM)
Support EMS risk management activities within ITSM tools, ensuring effective use and ongoing maintenance for risk tracking and reporting.

Backup Support for Critical Initiatives
Provide backup support for enterprise risk and compliance initiatives, including SOX and NERC CIP, as needed to ensure continued regulatory and internal compliance.

Education and Experience Requirements

Bachelor’s degree in information security, information assurance, computer science, management information systems, computer information systems, or a related discipline.

• Working knowledge of computer system infrastructure, operations and security.
• Working knowledge of Change Management processes (ITIL).
• Working knowledge of technology risk assessments, internal controls, controls testing, and internal & external audit requirements.
• Working knowledge of creation of scripting or use of tools for gathering information.

Skills Desired

• Experience creating, implementing, maintaining and monitoring policies, standards, procedures, programs, plans and processes
• Strong analytical skills to comprehend and facilitate information
• Understands the basic tenants of enterprise risk management (threat management, vulnerability management, and risk treatment).
• Extremely detail oriented while working in a fast-paced environment
• Strong oral and written communication skills with ability to communicate effectively at all levels
• Strong interpersonal skills to effectively interact with several departments, auditors, and management
• Capable of understanding complex technical information
• Positive attitude, team player & creative problem-solving skills
• Effective time management skill and good business judgment
• Able to multi-task and prioritize multiple projects simultaneously
• Ability to balance compliance requirements with technical operational requirements
• Ability to be diplomatic but push back as necessary with internal and external groups and individuals at all levels (analysis to execution)
• Ability to understand deep technical concepts and translate those concepts for non-technical people.
• Ability to facilitate conversations and exercises with all levels of employees
• Can effectively balance compliance needs with operational technical requirements
• Exhibits diplomatic skills and is prepared to engage with individuals and groups at all levels
• Possesses a strong grasp of complex technical concepts and can explain them clearly to non-technical audiences
• Skilled in leading discussions and activities with employees across all organizational levels
• Must be a team player and able to work collaboratively with and through others.

Behavioral Attributes:

• Demonstrate "Southern Style" behaviors as core values.
• Highly dependable, self-motivated and enjoy helping others and working in a multi-tasking environment.
• possess the ability to handle multiple tasks, can plan, execute, coordinate and lead key projects and initiatives from start to finish.
• Strong interpersonal skills, be a self-starter, a decision-maker, flexible, self-directed, and a team player.

Other Requirements:

Travel (10% of time) to attend Southern Company functions and other relevant industry meetings and events.

This position falls under the company’s Insider Threat Program and will have access to, and control over sensitive data, systems or assets. Enhanced personnel screening, which includes a background review, drug screen and psychological assessment, will be required if you are selected for this position.

About Southern Company

Southern Company (NYSE: SO) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit www.southerncompany.com

Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here https://seo.nlx.org/southernco/pdf/SOCO-Benefits.pdf Additional and specific details about total compensation and benefits will also be provided during the hiring process.

Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.