Job Title: Operational Technology Security Advisor
Type: Permanent
Location: Remote
Start Date: January 2023
Days/Hours: 9:00am-5:00pm, Mon-Fri
About our client:
Our client is a privately held SecOps-as-a-Service company founded in 2008. They deliver 24/7/365 security operations backed by their modernized SOC 2 Type 2 and ISO 27001 certified Cyber Command Center. The company is focused solely on the Microsoft security product stack and holds the Microsoft Security Advanced Specialization. They are an outcome-driven SecOps-as-a-Service company that leverages an innovative and collaborative approach, providing customers an easy way to consume services and increase maturity.
Job Brief
As an OT Security Advisor, you will be responsible for providing exceptional service to customers subscribed to Difenda C3 services. Working in close partnership with C3 leadership, you will support the OT Security team, ensuring that customer Managed Detection and Response for Operational Technology (MDR for OT) services are developed and delivered to the highest standards. You will support the ongoing design, development, and service enhancement of MDR for OT services. You will also support the execution of customer OT environment threat event lifecycle management, Threat Hunting, and Threat Intelligence activities. You will provide escalated-level support to the SecOps Analyst team and act as an escalation point for both the internal team and customers. You will lead high-severity security incident investigations and provide remote response support to customers. You will support customer communications, including recurring and ad hoc customer calls, operational reviews, and quarterly executive debriefs. Hours of work are Monday to Friday – 7.5 hours daily or as required. After-hours on-call / escalation duties will be required.
Job Responsibilities:
Support the development and delivery of industry-leading OT security services designed to continuously enhance Difenda’s managed service portfolio
Support the delivery of MDR for OT service processes, including risk assessments, threat event lifecycle management, Threat Hunting, and Threat Intelligence activities
Execute customer engagements to oversee design and deployment of business-driven OT security technology roadmaps
Execute MDR for OT service activities, including but not limited to asset discovery support, vulnerability management reviews and support, escalated event and incident investigations, custom protocol development, and detection development
Actively develop and execute MDR for OT playbooks, including environment reviews, Threat Hunting, attack simulations, tabletops, and other proactive activities in customer environments
Collaborate with teammates for customer Incident Response engagements within industrial environments
Support the implementation and maintenance of Threat Intelligence practices, including IOC integration into MDR for OT services and providing customer-specific tactical and C-level threat intelligence briefs
Develop, execute, and train staff on MDR for OT service delivery activities
Enforce standards and processes to ensure high quality MDR for OT service delivery (e.g. case management standards)
Work closely with the Cyber Research & Response and DevSecOps teams to iteratively enhance MDR for OT and other managed security services
Support customer service communications, including operational and executive level meetings and reporting
Required Skills:
Minimum of 3 years of experience in industrial environments (ICS, SCADA / PLC / HMI, DCS, etc.) required
Minimum of 3 years of experience in cybersecurity operations (SOC, incident response, forensics, etc.) required, including intrusion analysis, incident response, host forensics (memory and disk), network protocol analysis
Ability to lead an investigation from start to finish including pivoting between data types and correlating events together
Ability to proactively hunt and identify malicious activity
Experience with IT technologies including Windows and Linux, and various security solutions
Knowledge of handling communications during incidents, especially regarding customer and stakeholder briefings
Strong background in customer service and communications required
Strong presentation development and delivery skills required
Familiarity with Agile methodologies such as Lean, Scrum and Kanban preferred
Strong ability to communicate and document clearly and effectively
Ability to follow processes and guidelines
Ability to work with all levels of staff
Ability to take personal initiative and observe confidentiality
Ability to work with internal and external vendors in a professional manner
Ability to multi-task in a fast-paced environment