OT SOC Engineer

Posted 22 May 2024
LocationUnited Kingdom
Job type Contract
Discipline Cyber Defence

Job description

Trident Search is on the look out for a Security Engineer who will be responsible for the implementation and configuration of security technologies within the OT portfolio, to join a well-known household name to lead on an exciting project.
During this project you will lead on the deployment of a selected EDR solution into the OT networks, configuring the solution into existing SOC technologies and providing the best possible leverage for platform analysis alerts. As the lead Security Engineer, you will be engaging with stakeholders, managing high levels of work and sticking to tight timelines.

  1. Lead the support, maintenance, and optimisation of OT Security tooling as solutions are deployed.
  2. Take a threat led approach to enhancing configurations and policy to reduce risk.
  3. Understand the key risks the organisation faces, the key tactics techniques and procedures that likely threat actors will use and create mitigation options to overcome them.
  4. Work collaboratively with wider Information Security team to provide additional technical knowledge and direction.
  5. Lead a project team with the deployment of the chosen endpoint detection and response solution for IT systems present in OT networks.
  6. Integrate the EDR solution into centralised SOC tooling, including Microsoft sentinel. Ensure appropriate infrastructure and networking is in place for effective operating of the technology and associated processes.
  7. Ensure a full operating model is established for the EDR solution; encompassing a RACI for platform management and processes for alert/incident management.
  8. Engage in change and design review processes for the EDR solution.
  9. Configure appropriate setting on the EDR solution and work with OT and Security teams and vendor to optimise platform performance and maximise benefits of the investment.
  10. Support security and OT teams in onboarding to the platform and provide appropriate knowledge articles to support key use cases.
  11. Monitor the capacity of security tooling & supporting infrastructure and forecast future capacity for security products.
  12. Designing, producing and maintaining high quality management information from OT security technologies deployed as part of the project.
About you:
  1. Proven experience of actively supporting IT/Security infrastructure.
  2. Experience of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks.
  3. A strong technical background is required with experience in supporting multiple technologies (EDR, Web Proxy, MS Office 365/Azure Security products etc).
  4. Experience in working in highly regulated environments.
  5. Experience engineering sec ops tooling (SIEM/XDR/EDR etc).
  6. Experience in OT environments.