Work from Office
Full Time
Role Overview:
The OT Security Analyst – Level 2 (L2) plays a pivotal role in defending operational technology (OT) environments against evolving cyber threats. This role requires a deep understanding of security incident analysis, threat detection, and incident response, specifically tailored to Industrial Control Systems (ICS) and OT networks. The analyst will investigate complex security incidents within the OT infrastructure, collaborate with IT/OT teams, and enhance security posture through actionable insights.________________________________________Key Responsibilities:• Conduct in-depth analysis of security events and incidents within OT environments, leveraging SIEM and OT-specific monitoring tools.• Perform root cause analysis and develop incident timelines to support forensics and remediation efforts.• Apply standard incident response frameworks (e.g., NIST, MITRE ATT&CK for ICS, Cyber Kill Chain) for threat classification and response.• Use threat intelligence platforms and sandbox environments to investigate malware and suspicious artifacts in OT networks.• Analyze access logs, network traffic, and protocol behaviours across OT systems (e.g., SCADA, DCS, PLCs).• Support investigations related to unauthorized device communications, anomalous behaviours, or compromised industrial assets.• Collaborate with OT security engineers and external vendors to escalate and remediate incidents.• Refine alert rules and detection logic to reduce false positives and improve signal-to-noise ratio in OT SOC operations.• Document incident findings and support continuous improvement of the OT SOC playbooks and knowledgebase.• Liaise with the IT SOC and CIR (Cyber Incident Response) teams to align incident handling and cross-domain investigations.• Participate in threat hunting activities tailored for OT environments using behavioural analysis and attack-path simulation.________________________________________Technical Skills & Knowledge:• Strong understanding of OT/ICS protocols (Modbus, DNP3, OPC, etc.) and industrial network topologies.• Hands-on experience with OT cybersecurity tools and platforms (e.g., Nozomi Networks, Claroty, Dragos).• Familiar with ISA/IEC 62443, NIST SP 800-82, NIST CSF, and ISO 27001 compliance requirements for OT.• Proficiency in using SIEM systems (e.g., Microsoft Sentinel, Splunk, QRadar) for log correlation and event triage.• Understanding of firewalls, WAFs, proxies, and network segmentation principles in OT.• Working knowledge of tools such as THOR Scanner, VMRay, or Recorded Future is a plus.• Experience in vulnerability management and patch advisory for OT assets with limited patch cycles.________________________________________Nice to Have:• Exposure to Red Team/Blue Team exercises focused on OT/ICS.• Familiarity with GRC platforms and risk assessment tools tailored to OT.
Cognizant
Upload Resume
Drag or click to upload
Your data is secure with us, protected by advanced encryption.
Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.
We have sent an OTP to your contact. Please enter it below to verify.
Instantly access job listings, apply easily, and track applications.
Experience: Not specified
Salary: Not disclosed
Hyderabad
8.0 - 10.0 Lacs P.A.
Gurugram
6.0 - 16.0 Lacs P.A.
Experience: Not specified
2.0 - 6.0 Lacs P.A.
3.0 - 7.0 Lacs P.A.
9.0 - 10.0 Lacs P.A.
4.0 - 8.0 Lacs P.A.
Bengaluru
40.0 - 60.0 Lacs P.A.
Bengaluru
40.0 - 60.0 Lacs P.A.
