ICS/OT Cybersecurity

Job Description

We are seeking experienced OT analysts to join a 24/7 SOC team supporting critical OT/ICS environments. Candidates must have hands-on experience analyzing alerts, triaging incidents, and supporting detection efforts within OT/SCADA systems.

Key Responsibilities

• Monitor security alerts from SIEM, SOAR, and IIDS tools and investigate potential incidents affecting OT systems.
• Analyze ICS/SCADA logs to identify potential indicators of compromise.
• Perform initial triage—validate alerts, determine severity, and prioritize based on threat intelligence and event data.
• Distinguish between true positives, false positives, and benign activity to reduce unnecessary escalations.
• Collaborate with shift leads to refine use cases, tune detection rules, and reduce false positives.
• Assist in developing and maintaining runbooks, SOPs, and incident response playbooks.
• Document all investigations, findings, and actions in the SOC ticketing system.
• Participate in ongoing training, tabletop exercises, and simulations related to OT security.
• Stay current on NERC-CIP (2/3), NIST CSF, the Purdue Model, ISO 27001, and other relevant OT security frameworks.

Required Skills & Experience

• High school diploma required; bachelor’s in IT, CS, cybersecurity, or related field preferred.
• 2–4 years of experience in cybersecurity.
• 1–2 years of experience with OT/SCADA environments is highly desirable.
• Certifications such as Network , Security , or CYSA are a plus.
• Foundational knowledge of industrial protocols (DNP3, Modbus, IEC 104).
• Experience with SIEM, SOAR, and IIDS platforms.
• Strong analytical ability and excellent written/verbal communication skills.
• Ability to work effectively in a 24/7 shift-based SOC, including occasional after-hours or teammate coverage.
• Efficient alert prioritization and triage in a high-volume SOC.
• Contribution to reducing MTTD and MTTR.
• Adherence to SOC SLAs.
• Strong collaboration with cross-functional teams to strengthen OT security posture.