Information Security Operations Specialist
Listed on 2026-03-10
IT/Tech
Cybersecurity, Information Security
Position: Information Security Operations Specialist
Location: Birmingham, AL
Job: 4373
# of Openings: 1
Southern Research + You
Discover a career where your work truly matters. Southern Research has been translating science into real-world solutions since 1941. Join our innovative team and enjoy benefits like medical, dental, vision, 401(k) match, life insurance, PTO, an employee assistance program, and more.
General Summary
The Information Security Operations Specialist oversees Southern Research Information Security (Info Sec) Operations and Incident Response. This role is responsible for building and running monitoring, detection, response, and vulnerability management capabilities that protect the confidentiality, integrity, and availability of Southern Research and customers’ information and systems. The Information Security Operations Specialist will assist in the enforcement of information security policies and standards, as well as enforce and audit security policies and procedures which safeguard the integrity of and access to enterprise systems, files, and data elements.
This role works with Information Technology and supports the Information Security Officer (ISO), Legal, HR, and business leaders to reduce cyber risk, mature security processes, and ensure alignment with the established security program and standards. This may include risk assessments and security briefings to advise stakeholders of critical issues that may impact security objectives. Overall, the Information Security Operations Specialist will commit to fostering an environment of heightened security by operationalizing Information Security Policies.
Operations & Monitoring
- Lead daily security and data loss prevention monitoring, alert triage, investigation, and escalation across endpoint, network, identity, email, and cloud environments.
- Ensure log collection, review, retention, and access supports operational needs and audit/forensic requirements.
- Maintain standard operating procedures, playbooks, and runbooks for common alert types and investigations.
- Contribute suggestions and improvements for increasing operational efficiency.
- Lead the incident response program, including maintaining the incident response plan, playbooks, severity definitions, communications paths, and evidence-handling procedures aligned to NIST SP 800-61.
- Coordinate containment, eradication, and recovery activities for security incidents; engage the communication and escalation paths as necessary.
- Plan and lead live exercises and technical response drills; ensure lessons learned are documented and corrective actions are implemented.
- Submit incident documentation and reporting to the ISO for postmortem reviews and policy impacts.
- Manage the enterprise vulnerability management program (scanning, prioritization, remediation tracking, and reporting) across endpoints, servers, network devices, applications, and cloud workloads.
- Monitor emerging threats, exploited vulnerabilities, and relevant advisories; coordinate rapid response for high-risk exposures (e.g., critical CVEs). Partner with others to implement secure configuration baselines and hardening standards.
- Support the ongoing development, testing, and improvement of IT disaster recovery and business continuity plans with security considerations incorporated.
- Assess and improve resiliency against disruptive events (e.g., ransomware), including backup security, recovery testing, and access controls for recovery processes.
Perform other duties and assist other employees, as assigned.
Requirements/Minimum Qualifications
- 5+ years of progressive experience in information security, including security operations, incident response, and vulnerability management.
- Demonstrated ability to lead security operations activities, interact and/or manage vendors/managed service providers as appropriate.
- Hands‑on experience with security monitoring and response tooling, vulnerability scanning, patch/exposure management, and incident case management.
- Working…