InfoSec L2 SOC SME OT

POSITION RESPONSIBILITIES

Percent of Time

Partner with onshore and offshore teams to implement and support security monitoring and detection capabilities specific to OT environments, including ICS and SCADA systems.

Monitor OT telemetry and alerts to identify potential security incidents, anomalies, and operational risks.

Support the deployment and configuration of OT network sensors and tools, including integration into centralized monitoring platforms.

Assist in the tuning and refinement of OT detection rules and alert thresholds to reduce noise and improve visibility.

Collaborate with Operational Technology, Security Operations, and Threat Intelligence teams to ensure detection strategies are aligned with OT-specific risks and threat models.

Participate in incident investigations involving OT systems, providing context around OT protocols, architecture, and operational impact.

Maintain awareness of emerging OT threats, vulnerabilities, and best practices, and share relevant insights with the broader SOC team.

Contribute to documentation and knowledge articles related to OT environments, including playbooks, response procedures, and baseline behaviors.

100%

ORGANIZATIONAL RELATIONSHIPS

Collaborates closely with onshore security teams, including Security Operations, Operational Technology, Threat Intelligence, and Security Awareness.

Works with cross-functional teams such as Infrastructure, Application Development, and Cloud Engineering to ensure seamless integration and operation of security tools.

Partners with Identity and Access Management teams to implement and maintain secure access controls.

Engages with external vendors and service providers to evaluate and integrate third-party security solutions.

Coordinates with internal stakeholders to align security initiatives with business objectives and compliance requirements.

EDUCATION AND EXPERIENCE

Education

University Degree in Computer Science or Information Systems is required

MS or advanced identity courses or other applicable certifications is desirable, including:

o Certified Information Systems Security Professional (CISSP)

Relevant certifications in infrastructure security and vulnerability management, such as Offensive Security Certified Professional (OSCP), GIAC Certified Vulnerability Assessor (GCVA), or Certified Ethical Hacker (CEH), are highly preferred

Experience

A minimum of 5+ years of relevant experience with a strong background in security operations, operational technology, and security engineering.

2+ years of experience in the pharmaceutical or other regulated industry, especially Animal Health.

Experience working with global teams across multiple time zones.

Demonstrated ability to work within diverse technical teams.

TECHNICAL SKILLS REQUIREMENTS

Strong knowledge of security tools and technologies, such as EyeInspect, endpoint detection and response (CrowdStrike), Palo Alto, and SIEM/SOAR solutions.

Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash to streamline security processes.

Experience with cloud security tools and platforms (e.g., AWS, Azure, GCP) and securing cloud-native environments.

Solid understanding of network security concepts, including firewalls, IDS/IPS, VPNs, and zero-trust architectures.

Familiarity with identity and access management (IAM) solutions, such as Azure AD, Secret Server, and Sailpoint.

Knowledge of threat detection, incident response, and vulnerability management processes and tools.

Experience with container security and DevSecOps practices.

Strong understanding of encryption technologies, key management, and secure coding practices.

Ability to analyze and interpret security data to identify trends, vulnerabilities, and potential threats.

Familiarity with regulatory requirements and compliance standards (e.g., GDPR, HIPAA, PCI DSS).

Must be fluent in both written and spoken English, with the ability to communicate effectively across technical and non-technical audiences.

PHYSICAL POSITION REQUIREMENTS

Availability to work between 1pm IST to 10pm IST hours (minimum 3 hours of daily overlap with US ET Time zone)

• Full time