Cyber SOC OT Security Analyst Level 2: Job Summary
- Monitor and analyze security events and incidents within Operational Technology (OT) environments, focusing on Industrial Control Systems (ICS) and OT networks.
- Conduct in-depth investigations of complex security incidents, including root cause analysis and incident timeline development.
- Apply industry-standard incident response frameworks (e.g., NIST, MITRE ATT&CK for ICS) to classify and respond to threats.
- Utilize threat intelligence tools and sandbox environments for malware and artifact analysis within OT networks.
- Analyze OT system logs, network traffic, and protocol behaviors (e.g., SCADA, DCS, PLCs) to detect unauthorized communications and anomalous activity.
- Collaborate with OT security engineers, IT SOC, CIR teams, and external vendors to escalate and remediate security incidents.
- Refine alert rules and detection logic to reduce false positives and improve OT SOC operational efficiency.
- Document incident findings, support continuous improvement of SOC playbooks, and contribute to the OT SOC knowledgebase.
- Participate in OT-focused threat hunting activities using behavioral analysis and attack-path simulation.
- Ensure alignment with OT cybersecurity compliance requirements (e.g., ISA/IEC 62443, NIST SP 800-82, ISO 27001).
- Support vulnerability management and patch advisory processes for OT assets with limited patch cycles.
- Maintain flexibility to work in 24/7 rotational shifts, including weekends, as required by the SOC operation.
Technical Skills Required:
- Strong understanding of OT/ICS protocols (e.g., Modbus, DNP3, OPC) and industrial network architectures.
- Experience with OT cybersecurity tools (e.g., Nozomi, Claroty, Dragos).
- Proficiency with SIEM platforms (e.g., Sentinel, Splunk, QRadar) for event triage.
- Understanding of network security controls (firewalls, proxies, segmentation) in OT environments.
- Familiarity with vulnerability scanning and threat intelligence tools (e.g., THOR Scanner, VMRay).
- Awareness of compliance standards relevant to OT security.
Desirable Skills:
- Experience with Red Team/Blue Team exercises in OT/ICS environments.
- Familiarity with GRC and OT-specific risk assessment tools.
Other Requirements:
- 3 to 6 years of relevant cybersecurity experience.
- Ability to work in rotational shifts (24/7, including weekends).
- Based in Bengaluru; reports to OT SOC Lead/Manager.