Senior Security Analyst - OT

At ProArch Cybersecurity, our customers are our lifeblood, and our service delivery revolves around enhancing our customers' businesses by providing tailored defense strategies, proactive offensive testing, and strategic risk measurement, all supported by the latest automation technology. We are dedicated to creating an innovative environment that exceeds service reliability, efficiency, and trustworthiness expectations while delighting customers along the way. We aim to predict and reduce threats intelligently, ensuring ongoing protection for our clients and leveraging their insights to offer world class "Advanced Resilience" cybersecurity protection. Internally, we prioritize efficient processes, automation, service reliability, proactive vigilance, and providing the utmost value to our clients.

What You’ll Be Doing

Security Analyst / Sr. Security Analyst OT will be responsible for protecting our critical operational technology assets from cyber threats. This role involves monitoring, analyzing, and responding to security incidents, as well as implementing and maintaining security measures to safeguard OT environments. Ongoing training and professional certifications are part of the job requirements

Key Responsibilities:

Threat Monitoring and Response:

• Experience in EDR solutions like Microsoft Defender for Endpoint, CrowdStrike Falcon, CarbonBlack, SentinelOne, etc.
• Advanced knowledge of Kusto Query Language (KQL). Splunk Processing Language (SPL) knowledge is a good to have.
• Experience in Scripting languages like AZCLI, PowerShell and Python.
• Experience in Power Automate and Logic Apps. o Experience in OT Security Solutions like Defender for IoT, SCADAfence, Dragos and Forescout eyeSight etc.
• Monitor OT networks and systems for suspicious activities and potential threats.
• Analyze and respond to security incidents, coordinating with internal teams and external stakeholders as needed.
• Provide detailed analysis and quality assurance of OT events.
• Develop metrics and reporting to enhance the effectiveness of security OT operations.

Threat Hunting and Intelligence:

• Perform proactive OT threat hunting to detect malicious activities.
• Lead threat intelligence briefings and conduct deep-dive threat analyses in OT environments

Security Assessment:

• Conduct vulnerability assessments and risk analyses on OT systems and networks.
• Perform regular security audits and assessments to identify and address potential weaknesses.

Incident Management:

• Develop and maintain incident response plans specific to OT environments.
• Lead or support incident response efforts during security breaches, ensuring minimal impact on operations.

Policy and Procedure Development:

• Assist in developing and implementing OT security policies, standards, and procedures.
• Ensure compliance with industry regulations and best practices.

System Protection:

• Focus on data normalization to accommodate customer solutions in a technology-agnostic approach.
• Strive for automation in alerts/events handling focused on automating actions that stop threats like blocking on firewalls or other methods.
• Work with customers to identify and mitigate vulnerabilities that pose risks to their OT environment
• Collaboration and Training:
• Work closely with Internal and External Infrastructure Teams to integrate OT security with broader organizational security strategies.
• Provide training and guidance to staff on OT security best practices and awareness.
• Improve effectiveness of SOC through QA of OT events

Automation and Orchestration:

• Identify opportunities for automation to streamline security processes.
• Utilize SOAR (Security Orchestration, Automation, and Response) tools to enhance operational efficiency

Requirements

Education:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Advanced degrees or certifications are a plus.

Experience:

• Proven experience in cybersecurity, with a focus on operational technology (OT) or industrial control systems (ICS).
• Familiarity with common OT/ICS protocols and platforms (e.g., DNP, Modbus, SCADA, DCS, PLCs, HMIs, RTUs) and best practices associated with securing those platforms.

Skills:

• Strong analytical and problem-solving skills.
• Proficiency in using security tools and technologies specific to OT environments.
• Knowledge of regulatory requirements and industry standards related to OT security (e.g., NIST, NERC CIP, IEC 62443).

Certifications:

• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH) are desirable.

Soft Skills:

• Excellent communication and interpersonal skills.
• Ability to work effectively both independently and as part of a team.
• Strong attention to detail and the ability to manage multiple priorities