About the Role
Job Description

Responsibilities:
Oversee SOC operations during assigned shifts, ensuring efficient workflow, proper escalation procedures, adherence to SLAs, and effective communication between analysts.
Lead investigations and response to complex security incidents impacting OT systems, networks, and applications. This includes coordinating efforts with other teams and business units (e.g. Networking, Architecture, CIP Compliance).
Perform in-depth analysis of security alerts and logs common in ICS/SCADA systems to identify indicators of compromise (IOCs).
Make real-time decisions on incident severity, containment strategies, escalation paths, and actions taken by Tier 1 and Tier 2 analysts for incidents.
Evaluate and provide feedback on the performance of security technologies (e.g. SIEM, SOAR, IIDS/IPS) used in the SOC.
Identify and oversee the optimization of detection rules to reduce false p...