About ColorTokens
At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen, but with our cutting-edge ColorTokens Xshield platform, companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to continue operating while breaches are contained, ensuring critical assets remain protected.
Our innovative platform provides unparalleled visibility into traffic patterns between workloads, OT/IoT/IoMT devices, and users, allowing businesses to enforce granular micro-perimeters, swiftly isolate key assets, and respond to breaches with agility. Recognized as a Leader in the Forrester Wave: Microsegmentation Solutions (Q3 2024), ColorTokens safeguards global enterprises and delivers significant savings by preventing costly disruptions.
Join us in transforming cybersecurity. Learn more at.
Job Title: Senior Manager OT SOC Services (Technical & Commercial Management)
Location: Bangalore
Job Type: Full-time
Department: Operational Technology (OT) Security / Managed Security Services
Job Summary:
ColorTokens is seeking a Senior Manager OT SOC Services to oversee both the technical and commercial aspects of our Operational Technology (OT) Security Operations Center (SOC) services provided to customers. This role requires a strong background in OT cybersecurity, SOC operations, service delivery, and commercial management to ensure high-quality security services while optimizing revenue and customer satisfaction.
The ideal candidate will have deep expertise in ICS/SCADA security, threat detection, incident response, and SIEM/XDR for OT environments, and experience managing P&L, customer contracts, and service-level agreements (SLAs).
Key Responsibilities:
1. Technical Leadership & SOC Operations
- Oversee the 24/7 OT SOC operations, ensuring robust threat detection, monitoring, and response for industrial environments.
- Ensure security monitoring and incident response cover ICS/SCADA, IIoT, PLCs, and DCS environments.
- Lead deployment, optimization, and integration of security tools such as SIEM, XDR, IDS/IPS, and anomaly detection in OT networks.
- Develop incident response playbooks, threat-hunting strategies, and MITRE ATT&CK for ICS-based security detections.
- Collaborate with CISOs, security architects, and industrial operations teams to ensure compliance with industry standards (IEC 62443, NIST 800-82, NERC-CIP, etc.).
2. Commercial & Business Management
- Manage financial health of OT SOC services, ensuring cost efficiency and revenue growth.
- Develop and manage commercial contracts, pricing models, and SLAs for OT SOC customers.
- Engage in pre-sales activities, working with sales and business development teams to design customized OT security solutions.
- Ensure customer satisfaction by delivering monthly/quarterly service reviews, performance reports, and security recommendations.
- Identify upsell and cross-sell opportunities for additional security services such as Managed XDR, Threat Intelligence, or Incident Response Retainer.
3. Customer & Stakeholder Engagement
- Act as the primary point of contact for key customers, ensuring high-quality service delivery.
- Collaborate with industrial plant operators, IT/OT security teams, and regulatory bodies to address cybersecurity risks.
- Present threat intelligence reports, risk assessments, and incident trends to executive stakeholders.
- Drive continuous improvement initiatives based on customer feedback and security landscape changes.
4. Compliance & Risk Management
- Ensure OT SOC operations comply with regulatory and industry standards (IEC 62443, NIST 800-82, NERC-CIP, GDPR, etc.).
- Work with risk management teams to assess vulnerabilities and mitigate cyber risks in industrial environments.
- Ensure log management, forensic analysis, and threat detection align with regulatory requirements.
5. Required Skills & Experience:
Technical Expertise:
- 8-12 years of experience in cybersecurity in OT security & SOC operations.
- Deep understanding of ICS/SCADA security, industrial protocols (Modbus, DNP3, OPC, BACnet, etc.), and OT network security.
- Hands-on experience with OT SIEM/XDR platforms (e.g., Nozomi Networks, Dragos, Palo Alto Cortex XDR, Microsoft Sentinel for OT).
- Experience with firewalling, micro-segmentation, anomaly detection, and intrusion detection in OT environments.
- Strong knowledge of threat intelligence, MITRE ATT&CK for ICS, and incident response in industrial environments.
Commercial & Business Acumen:
- Experience in pricing models and contract negotiation for managed security services.
- Strong understanding of SOC service delivery models (MSSP, MDR, Co-Managed SOC, etc.).
- Ability to drive revenue growth through service enhancements and customer expansion strategies.
Leadership & Soft Skills:
- Proven experience in leading large security teams, SOC analysts, and incident responders.
- Strong customer engagement, relationship management, and executive communication skills.
- Ability to bridge the gap between technical cybersecurity teams and business stakeholders.
Preferred Certifications:
- CISSP (Certified Information Systems Security Professional)
- GICSP (Global Industrial Cyber Security Professional)
- CISM (Certified Information Security Manager)
- ISA/IEC 62443 Certifications
- SIEM/XDR Vendor Certifications