Cyber SOC OT Security Analyst â Level 2
Cyber SOC OT Security Analyst â Level 2
Posted on :
25-06-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Description:
Cyber SOC OT Security Analyst Level 2
Experience Required: 3 6 years
Location: Bengaluru
Shift: Must be flexible to work in 24/7 rotational shifts including weekends
Reports To: OT Security Operations Center Lead/ OT Security Manager
Role Overview:
The OT Security Analyst Level 2 (L2) plays a pivotal role in defending operational technology (OT) environments against evolving cyber threats. This role requires a deep understanding of security incident analysis threat detection and incident response specifically tailored to Industrial Control Systems (ICS) and OT networks. The analyst will investigate complex security incidents within the OT infrastructure collaborate with IT/OT teams and enhance security posture through actionable insights.
Key Responsibilities:
Conduct in-depth analysis of security events and incidents within OT environments leveraging SIEM and OT-specific monitoring tools.
Perform root cause analysis and develop incident timelines to support forensics and remediation efforts.
Apply standard incident response frameworks (e.g. NIST MITRE ATT&CK for ICS Cyber Kill Chain) for threat classification and response.
Use threat intelligence platforms and sandbox environments to investigate malware and suspicious artifacts in OT networks.
Analyze access logs network traffic and protocol behaviours across OT systems (e.g. SCADA DCS PLCs).
Support investigations related to unauthorized device communications anomalous behaviours or compromised industrial assets.
Collaborate with OT security engineers and external vendors to escalate and remediate incidents.
Refine alert rules and detection logic to reduce false positives and improve signal-to-noise ratio in OT SOC operations.
Document incident findings and support continuous improvement of the OT SOC playbooks and knowledgebase.
Liaise with the IT SOC and CIR (Cyber Incident Response) teams to align incident handling and cross-domain investigations.
Participate in threat hunting activities tailored for OT environments using behavioural analysis and attack-path simulation.
Technical Skills & Knowledge:
Strong understanding of OT/ICS protocols (Modbus DNP3 OPC etc.) and industrial network topologies.
Hands-on experience with OT cybersecurity tools and platforms (e.g. Nozomi Networks Claroty Dragos).
Familiar with ISA/IEC 62443 NIST SP 800-82 NIST CSF and ISO 27001 compliance requirements for OT.
Proficiency in using SIEM systems (e.g. Microsoft Sentinel Splunk QRadar) for log correlation and event triage.
Understanding of firewalls WAFs proxies and network segmentation principles in OT.
Working knowledge of tools such as THOR Scanner VMRay or Recorded Future is a plus.
Experience in vulnerability management and patch advisory for OT assets with limited patch cycles.
Nice to Have:
Exposure to Red Team/Blue Team exercises focused on OT/ICS.
Familiarity with GRC platforms and risk assessment tools tailored to OT.
Experience Required: 3 6 years
Location: Bengaluru
Shift: Must be flexible to work in 24/7 rotational shifts including weekends
Reports To: OT Security Operations Center Lead/ OT Security Manager
Role Overview:
The OT Security Analyst Level 2 (L2) plays a pivotal role in defending operational technology (OT) environments against evolving cyber threats. This role requires a deep understanding of security incident analysis threat detection and incident response specifically tailored to Industrial Control Systems (ICS) and OT networks. The analyst will investigate complex security incidents within the OT infrastructure collaborate with IT/OT teams and enhance security posture through actionable insights.
Key Responsibilities:
Conduct in-depth analysis of security events and incidents within OT environments leveraging SIEM and OT-specific monitoring tools.
Perform root cause analysis and develop incident timelines to support forensics and remediation efforts.
Apply standard incident response frameworks (e.g. NIST MITRE ATT&CK for ICS Cyber Kill Chain) for threat classification and response.
Use threat intelligence platforms and sandbox environments to investigate malware and suspicious artifacts in OT networks.
Analyze access logs network traffic and protocol behaviours across OT systems (e.g. SCADA DCS PLCs).
Support investigations related to unauthorized device communications anomalous behaviours or compromised industrial assets.
Collaborate with OT security engineers and external vendors to escalate and remediate incidents.
Refine alert rules and detection logic to reduce false positives and improve signal-to-noise ratio in OT SOC operations.
Document incident findings and support continuous improvement of the OT SOC playbooks and knowledgebase.
Liaise with the IT SOC and CIR (Cyber Incident Response) teams to align incident handling and cross-domain investigations.
Participate in threat hunting activities tailored for OT environments using behavioural analysis and attack-path simulation.
Technical Skills & Knowledge:
Strong understanding of OT/ICS protocols (Modbus DNP3 OPC etc.) and industrial network topologies.
Hands-on experience with OT cybersecurity tools and platforms (e.g. Nozomi Networks Claroty Dragos).
Familiar with ISA/IEC 62443 NIST SP 800-82 NIST CSF and ISO 27001 compliance requirements for OT.
Proficiency in using SIEM systems (e.g. Microsoft Sentinel Splunk QRadar) for log correlation and event triage.
Understanding of firewalls WAFs proxies and network segmentation principles in OT.
Working knowledge of tools such as THOR Scanner VMRay or Recorded Future is a plus.
Experience in vulnerability management and patch advisory for OT assets with limited patch cycles.
Nice to Have:
Exposure to Red Team/Blue Team exercises focused on OT/ICS.
Familiarity with GRC platforms and risk assessment tools tailored to OT.
Additional Details
- Planned Resource Unit : (27)Development - Others(Generic);(34)TCON - Lead Developer - 3-6 Years;Cyber Security Assessment;(Z2)3-6 Years
Employment Type
Full Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
Similar Jobs
Dr. Job is an online platform that connects employers with skilled job seekers, facilitating the search for job opportunities and top talent. Established in 2015. Dr. Job Pro has emerged as the world premier job portal, attracting thousands of job seekers every day from all over the world.
Follow Dr.Job
Dr Job FZ LLC. 2025 © All Rights Reserved