Operational Technology Analyst

Role – OT Analyst ( Operational Technology Analyst)

Location- Dallas 75202 - Onsite

Sell Rate- $50

Note- Candidate must be local to Dallas and will be onsite 5 days a week. US citizens only.

Key Roles & Responsibilities:

Monitor security alerts from various tools (SIEM, SOAR, IIDS) and investigate potential incidents impacting OT systems.

• Analyze logs common in ICS/SCADA systems to identify indicators of compromise.
• Perform initial triage of alerts, determining validity, severity, and priority based on log analysis, event data and threat intelligence.
• Differentiate between true positives, false positives, and benign events to minimize unnecessary escalations.
• Work with Shift Leads to refine detection rules, reduce false positives, and develop new use cases to optimize detection capabilities within the OT environment.
• Contribute to the creation and maintenance of runbooks, standard operating procedures (SOPs) and incident response playbooks.
• Thoroughly document all alert triage activities, findings, and decisions in the SOC’s ticketing system.
• Participate in training sessions and simulations to stay current on cyber threats, OT security best practices, and monitoring tools.
• Stay current on NERC-CIP standards (specifically 2/3), NIST CSF, Purdue Model for Industrial Control Systems, ISO 27001 frameworks, and other relevant OT security regulations.

Education, Experience, & Skill Requirements:

High School Diploma or equivalent required; Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field preferred.

• 2-4 years of experience in a cybersecurity role.
• 1-2 years of experience working with OT/SCADA environments is highly desirable.
• Relevant certifications (e.g., Network , Security , CySA ) are a plus.
• Foundational understanding of industrial protocols such as DNP3, Modbus, and IEC 104.
• Experience with security technologies including SIEM, SOAR, and IIDS platforms.
• Strong analytical skills, attention to detail, and the ability to communicate complex technical information clearly (written and verbal) to both technical and non-technical audiences.
• Ability to work effectively in a 24/7 shift-based SOC environment, including covering for teammates and occasional after-hours support.
• Measures of SuccessEffectively prioritize and manage alerts in a fast-paced environment.
• Contribute to improvements in key performance indicators (KPIs) such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).
• Maintain adherence to SOC Service Level Agreements (SLAs).
• Collaborate effectively with cross-functional teams to enhance security posture.