Security Monitoring & Threat Detection • Administration, management, and Support deployment and tuning of OT security tools (Nozomi, Forescout).Monitor OT/ICS environments using SIEM and OT security monitoring platformsDetect, analyze, and respond to cyber threats targeting industrial control systemsSupport and ensure micro segmentation strategies for OT network zones (Purdue Model alignment)Collaborate with engineering teams to safely implement containment actions in live OT environmentsConduct threat hunting across industrial environments using network and log dataHandle and support incident response for OT cyber events with minimal operational disruptionMaintain OT asset visibility and network behavior baselinesEnsure compliance with IEC 62443, NIST ICS, and organizational security standardsWork with firewall, IDS/IPS, NAC, and segmentation technologies in OT networksDetection Engineering & Use Case Management • Develop and tune OT-specific detection rules and correlation logic in SIEM platforms.Align detection use cases with MITRE ATT&CK for ICS framework.Reduce false positives and improve detection accuracy and coverage.Periodically review and optimize alert thresholds and detection logic.Support OT security architecture integrating SIEM, IDS/IPS, packet brokers, and segmentation tools.Assist in onboarding log sources, parser development, and normalization of OT data.Optimize dashboards, alerts, and reporting for operational visibility.OT Network Visibility, Packet Analysis & Traffic Engineering • Operate packet brokers and TAP infrastructure to enable full OT network visibility.Perform deep packet inspection of industrial protocols (Modbus, DNP3, OPC-UA, IEC 104, Ethernet/IP).Analyze east-west and north-south traffic for suspicious activity and lateral movement.Identify unauthorized communications and protocol anomalies.Support network telemetry collection for OT environments.Asset Visibility, Threat Hunting & Compliance Management • Maintain complete OT asset inventory and network topology visibility.Identify unauthorized devices, rogue connections, and shadow OT assets.Conduct proactive threat hunting using logs, network telemetry, and behavioral analytics.Correlate threat intelligence with OT environment risks and vulnerabilities.Ensure compliance with IEC 62443, NIST ICS, ISO standards, and internal security policies.Support internal/external audits and provide security evidence for compliance reporting.Contribute to risk assessments and OT security posture improvement initiatives.Reporting & Stakeholder Management • Prepare and present OT security reports (incidents, risks, and trends)Maintain dashboards for vulnerabilities, threats, and compliance statusCommunicate critical incidents and risks to SOC, OT, and business stakeholdersProvide executive-level reporting on OT security posture and exposureTrack remediation status and SLA TrackingSupport audit and regulatory reporting requirements (IEC 62443, NIST ICS)