
OT Security Analyst
About the Job
Cyber threats to industrial systems are no longer theoretical; they’re happening every day. At Shieldworkz, our mission is to detect, respond to, and prevent those threats before they cause real-world damage. As an OT Security Analyst, you’ll be on the front lines of industrial cybersecurity, monitoring activity across operational technology (OT) environments, identifying anomalies, and helping defend critical infrastructure from sophisticated adversaries. This is your opportunity to work where digital threats meet physical processes and make a real difference.
Role Description
In this role, you’ll be responsible for:
Monitoring OT network and system activity for indicators of compromise, misuse, or abnormal behavior.
Investigating and analyzing security alerts, correlating data across tools and protocols to identify potential threats.
Conducting log analysis, PCAP review, and threat hunting in ICS/SCADA environments.
Collaborating with engineering, architecture, and field teams to escalate and respond to incidents.
Maintaining situational awareness of evolving threats in the ICS/OT space (e.g., ransomware, zero-days, supply chain attacks).
Supporting incident response efforts, including containment, forensic analysis, and root cause reporting.
Writing detection rules, tuning alert thresholds, and optimizing dashboards and reporting within SIEM and IDS tools.
Creating and updating documentation related to detection techniques, runbooks, and threat intelligence.
What We’re Looking For
We’re looking for a curious, analytical thinker who can dive deep into data and see what others miss. Someone who understands that in OT, uptime is non-negotiable, and who can act fast and smart when a system is under threat. You’ll be part of a team that’s redefining how industrial environments are monitored, protected, and secured.
Ideal Qualifications:
2–4 years of experience in security operations, threat detection, or SOC analysis, ideally with exposure to OT or ICS environments.
Familiarity with ICS protocols (e.g., Modbus, DNP3, OPC, Ethernet/IP) and how they differ from IT traffic.
Experience using security monitoring tools such as SIEMs (Splunk, QRadar, LogRhythm), industrial IDS/IPS (Nozomi, Claroty, Dragos), and packet analyzers (Wireshark, Zeek).
Strong understanding of cyber threat frameworks and adversary TTPs (e.g., MITRE ATT&CK for ICS, the Cyber Kill Chain).
Ability to investigate and triage alerts with a calm, methodical approach, even under pressure.
Knowledge of incident response workflows, forensic techniques, and documentation best practices.
Excellent communication skills, especially when translating technical findings to non-technical stakeholders.
Certifications are a plus: GICSP, GCIA, CySA+, or any OT/ICS-focused training.
Apply Now
Please fill out the application form with your contact details, and a brief message outlining why you're the right fit for Shieldworkz.