We are seeking a highly skilled OT Cybersecurity Architect / SOC Security Expert to support industrial and critical infrastructure customers worldwide. This role blends Operational Technology (OT) cybersecurity architecture, SOC Level-2 incident response, and customer consulting, helping organizations secure industrial environments such as SCADA, PLC, and control networks. The ideal candidate brings strong hands-on experience across SIEM, SOAR, ICS security, and industrial networking, and thrives in both operational SOC environments and project-based customer engagements.

Basic Qualifications:

• Bachelor’s degree in computer science, Information Systems, Electronics, or equivalent experience.

• 3+ years of experience in cybersecurity SOC operations or security engineering.

• 5+ years of overall IT, networking, or infrastructure experience.

• Hands-on experience with SIEM tools (e.g., Splunk, Chronicle).

• Experience with firewalls, IDS/IPS, endpoint security, and network security controls.

• Knowledge of OT/ICS environments and industrial protocols.

• Strong analytical, troubleshooting, and stakeholder engagement skills.

• Willingness to travel 30–65% as required.

Preferred Qualifications:

• Security certifications: CCNA, Security+, GSEC, GCIH, CEH, GCFA, or equivalent.

• Knowledge of IEC 62443, ISO 27001, and MITRE ATT&CK for ICS.

• Experience working in customer-facing cybersecurity roles.

• Knowledge of industrial protocols (Modbus, DNP3, Profibus, S7comm)

Key Responsibilities:

• Design, implement, and support OT/ICS cybersecurity solutions for industrial control systems (SCADA, PLCs, HMIs, RTUs, control servers).

• Monitor and analyze security events using SIEM platforms; investigate alerts and determine true vs false positives.

• Act as a Level-2 SOC escalation point and collaborate with Incident Response teams.

• Perform threat hunting, malware analysis, forensic support, and root cause analysis.

• Develop and tune SOAR playbooks, automate response workflows, and integrate tools using scripting (Python preferred).

• Provide on-site and remote cybersecurity consulting including troubleshooting, network design, risk assessments, and implementations.

• Develop clear, business-friendly remediation recommendations for customers.

• Apply and align solutions to industry standards and frameworks (IEC 62443, NIST, MITRE ATT&CK for ICS).

• Support customer engagements independently while meeting delivery, quality, and satisfaction targets.