Job Description

Roles & Responsibilities

Responsibilities and Accountabilities

Able to assess current state capabilities, identify gaps, and plan initiatives to address gaps and accomplish project goals. Building out cybersecurity monitoring & response functions in operational environments.

Assessing OT security capabilities-specifically security operations and SOC capabilities.

Develop An integrated communication Plans between OTSOC, ITSCO and business.

Security Event Monitoring & alerting using Splunk (Level 1) and leverage the OT Cybersecurity Viability Tool (Nozomi) for detailed, analysis, and improvement (Level 2) Cyber Security Incident management.

Liaise with IT /OT Cyber security teams, site teams.

Manage support tickets raised by L1. And Security event analysis and recommendations related to OT and Help confirm incident tickets are updated and closed with all actions performed.

Build and maintain operating procedures & documentation (playbooks & IR plan).

Re-classify security incidents based on their impact.

Operational reports and dashboards will be out of the box from OT platform.

SOP and KB documentation update and maintenance which will be stored and maintained in the customer provided SharePoint site.

Monitoring and triage of OT security alerts (enrichment, log analysis, false positive suppression) Incident identification & prioritization

Log qualified incidents into client's ITSM and coordinate with client CSIRT and resolver groups across the full lifecycle.

Provide remediation recommendations based on reaction plans.

Incident Management and escalation to Client CSIRT and/or external Incident Response teams according to playbooks

Categorize, document, measure, and report security incidents.

Familiar with SIEM Solution and OT Security Products SIEM integration.

Familiar with OT Asset Inventory and Vulnerability Management solution such as "Nozomi - Dragos, etc" certified is added value.

Use case development and tuning for OT sec threat detections.

Familiar with OT SOAR solution integration and content playbooks development / improvement.

Familiar with OT Forensics Tools and PCAP analysis.

Familiar with OT Threat Intelligence, Threat Hunting reports for major and well-known OT Cyber Incident. and provide SMART recommendation to organization.

GRID Certificate or official training is added value and plus to candidate.

Skills and Qualifications:

Have more than 7 years of experience overall (mixed between mainstream Automation Systems exposure and OT Cybersecurity exposure).

Proven track in IT/OT Cybersecurity general management consulting with stakeholder engagement and relationship management skills.

Excellent communication (written and oral) and interpersonal skills

Ability to work creatively and analytically in a problem-solving environment.

Fluent in Arabic and English language.

Ability to effectively communicate insights relating to an organization's threat environment to improve its risk management posture.

Ability to work with the organization's leadership to provide a comprehensive, organization wide approach to address OT Cybersecurity risk and compliance.

Ability to develop and maintain IR OT Cybersecurity policies, standards, and related documentations.

Ability to communicate technical and planning information at the same level as a stakeholder's understanding.

Knowledge and understanding of risk assessment, mitigation, and treatment methods.

Knowledge of relevant OT Cybersecurity aspects of legislative and regulatory requirements, relating to ethics and privacy.

Preferred Qualifications:

Bachelor's degree in engineering, information security or relevant.

7+ years of experience overall (mixed between mainstream Automation Systems exposure and OT Cybersecurity exposure).

Certified in GICSP, GRID or equal certifications are added value.

Make a difference to the communities in which we work and live.

OT SOC L2
Accenture

People Looking for OT SOC L2 Jobs also searched

OT SOC L2 Accenture

People Looking for OT SOC L2 Jobs also searched

OT SOC L2
Accenture