"Alerted.org

Description

We are seeking a vigilant and detail-oriented OT SOC Analyst to join our cybersecurity team, focused on monitoring, detecting, and responding to threats targeting our Operational Technology (OT) environments. This role sits at the intersection of cybersecurity and industrial control systems (ICS), playing a vital part in safeguarding critical infrastructure, manufacturing, or process systems against cyber threats. The ideal candidate has a solid understanding of OT networks, ICS/SCADA systems, and security operations workflows. This is a hands-on, front-line role responsible for 24/7 monitoring and incident response in highly sensitive OT environments.

+ Monitor OT network traffic, logs, and alerts from various security tools (SIEM, IDS/IPS, anomaly detection, etc.).

+ Analyze and triage security alerts specific to OT assets, protocols, and applications.

+ Conduct initial investigation, correlation, and escalation of security incidents involving ICS/SCADA environments.

+ Collaborate with OT engineers and incident response teams to contain and mitigate threats.

+ Collect, normalize, and analyze logs from OT assets such as PLCs, HMIs, RTUs, and SCADA servers.

+ Look for anomalous behavior, policy violations, or indicators of compromise in OT systems.

+ Apply OT-specific threat intelligence to improve detection capabilities.

+ Track known threat actors and tactics (e.g., MITRE ATT& CK for ICS, ransomware groups targeting industrial sectors).

+ Assist in identifying vulnerabilities in OT assets and environments.

+ Support patch management and configuration hardening efforts.

+ Create clear and concise incident reports and summaries for technical and non-technical stakeholders.

+ Work closely with OT and IT teams to coordinate cybersecurity efforts and ensure consistent policy enforcement.

Requirements

+ 2–5 years of experience in cybersecurity, network security, or SOC operations.

+ Familiarity with OT/ICS environments (e.g., SCADA, DCS, PLCs, RTUs, industrial protocols like Modbus, DNP3, OPC).

+ Experience with SIEM tools (Splunk, QRadar, Sumo Logic, etc.) and intrusion detection/prevention systems.

+ Basic understanding of networking (TCP/IP, firewalls, segmentation) and cybersecurity concepts (e.g., defense in depth, zero trust).

+ Ability to work in a shift-based or on-call environment, as required.

Technology Doesn't Change the World, People Do.®

Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.

Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app (https://www.roberthalf.com/us/en/mobile-app) and get 1-tap apply, notifications of AI-matched jobs, and much more.

All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.

• 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking “Apply Now,” you’re agreeing to Robert Half’s Terms of Use (https://www.roberthalf.com/us/en/terms) .