Job Description

Embark is a specialized consulting and execution platform designed to help global enterprises build, scale, and evolve Global Capability Centers (GCCs) in India. We offer a comprehensive, end-to-end solution that addresses every critical stage of a GCC's lifecycle - from strategy and setup to long-term transformation. Embark is founded by experienced practitioners with deep domain expertise and ably sponsored by Embassy Group. Embark eliminates advisory fragmentation and executional friction by offering an integrated model across strategy, compliance, operations, talent, and culture.
Your role as a Consultant We expect our people to embrace and live our purpose by challenging themselves to identify issues. That are most important for our clients, our people, and for society.
As Manager in our Cyber Team, you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: -
Job Summary:
We are seeking a detail-oriented and technically proficient OT SOC Specialist to coordinate and manage threat detections from Claroty and Nozomi platforms. This role is critical to ensuring timely triage, validation, and response to security alerts within industrial environments. The ideal candidate will have experience in OT cybersecurity, industrial network monitoring, and incident response.
Key Responsibilities:
Detection & Monitoring: Monitor and triage alerts from Claroty or Nozomi platforms across OT environments.
Correlate detection data to identify patterns, anomalies, and potential threats.
Fine-tune detection rules and use cases to reduce false positives and improve alert quality.
Incident Coordination: Lead initial investigation and validation of OT security incidents.
Coordinate with SOC analysts, OT engineers, and IT security teams for incident response.
Escalate confirmed threats and support containment and recovery efforts.
Platform Management: Act as the SME for Claroty and Nozomi platforms, ensuring optimal configuration and performance.
Collaborate with vendors and internal teams for updates, integrations, and troubleshooting.
Maintain platform health and ensure continuous visibility into OT assets and network traffic.
Reporting & Documentation: Prepare regular reports on detection trends, incident metrics, and platform performance.
Maintain detailed documentation of incident workflows, detection logic, and platform configurations.
Compliance & Governance: Ensure alignment with cybersecurity frameworks such as NIST, IEC 62443, and internal policies.
Support audits, risk assessments, and compliance initiatives related to OT security.
Requirements
Qualifications:
Bachelor's degree in Cybersecurity, Information Technology, or related field.
9+ years of experience in OT/ICS cybersecurity or SOC operations.
Hands-on experience with Claroty and Nozomi platforms is mandatory.
Strong understanding of industrial protocols (Modbus, DNP3, OPC, etc.) and ICS/SCADA architectures.
Familiarity with SIEM tools, threat intelligence platforms, and incident response processes.
Excellent analytical, communication, and documentation skills.
Preferred Certifications:
GICSP, GRID, CISSP, or equivalent OT security certifications.
Vendor-specific certifications for Claroty or Nozomi (if available).
Education:
B.Tech/BE / B.Sc / BCA or Master's degree in Computer Science, Engineering - Full time

Skills Required