Job Description:
Acts as the second line of defense, responsible for deeper investigation, incident response, and proactive security improvement in OT environments.
Responsibilities:
• Perform in-depth analysis of escalated security incidents and anomalies.
• Provide specific recommendations for each escalated incident.
• Lead containment, eradication, and recovery actions in OT incidents.
• Develop and fine-tune detection rules, correlation logic, and playbooks.
• Conduct threat hunting across OT networks and systems.
• Work with engineering teams to implement secure configurations and network segmentation.
• Perform vulnerability assessments and risk analysis of OT assets.
• Provide mentorship and guidance to L1 analysts.
• Assist in OT cybersecurity audits, compliance, and reporting to management.