SOC Engineer
Job Description

Roles & Responsibilities

Security Monitoring & Threat Detection
• Administer, manage, and support deployment and tuning of OT security tools (Nozomi, Forescout).
• Monitor OT/ICS environments using SIEM and OT security monitoring platforms.
• Detect, analyze, and respond to cyber threats targeting industrial control systems.
• Support and ensure microsegmentation strategies for OT network zones (Purdue Model alignment).
• Collaborate with engineering teams to safely implement containment actions in live OT environments.
• Conduct threat hunting across industrial environments using network and log data.
• Handle and support incident response for OT cyber events with minimal operational disruption.
• Maintain OT asset visibility and network behavior baselines.
• Ensure compliance with IEC 62443, NIST ICS, and organizational security standards.
• Work with firewall, IDS/IPS, NAC, and segmentation technologies in OT networks.

Detection Engineering & Use Case Management
• Develop and tune OT-specific detection rules and correlation logic in SIEM platforms.
• Align detection use cases with the MITRE ATT&CK for ICS framework.
• Reduce false positives and improve detection accuracy and coverage.
• Periodically review and optimize alert thresholds and detection logic.
• Support OT security architecture integrating SIEM, IDS/IPS, packet brokers, and segmentation tools.
• Assist in onboarding log sources, parser development, and normalization of OT data.
• Optimize dashboards, alerts, and reporting for operational visibility.

OT Network Visibility, Packet Analysis & Traffic Engineering
• Operate packet brokers and TAP infrastructure to enable full OT network visibility.
• Perform deep packet inspection of industrial protocols (Modbus, DNP3, OPC-UA, IEC 104, Ethernet/IP).
• Analyze east-west and north-south traffic for suspicious activity and lateral movement.
• Identify unauthorized communications and protocol anomalies.
• Support network telemetry collection for OT environments.

Asset Visibility, Threat Hunting & Compliance Management
• Maintain complete OT asset inventory and network topology visibility.
• Identify unauthorized devices, rogue connections, and shadow OT assets.
• Conduct proactive threat hunting using logs, network telemetry, and behavioral analytics.
• Correlate threat intelligence with OT environment risks and vulnerabilities.
• Ensure compliance with IEC 62443, NIST ICS, ISO standards, and internal security policies.
• Support internal/external audits and provide security evidence for compliance reporting.
• Contribute to risk assessments and OT security posture improvement initiatives.

Reporting & Stakeholder Management
• Prepare and present OT security reports (incidents, risks, and trends).
• Maintain dashboards for vulnerabilities, threats, and compliance status.
• Communicate critical incidents and risks to SOC, OT, and business stakeholders.
• Provide executive-level reporting on OT security posture and exposure.
• Track remediation status and SLAs.
• Support audit and regulatory reporting requirements (IEC 62443, NIST ICS).

Desired Candidate Profile

Education and Certification Requirements
• Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field.
• Certification (any one mandatory):
  o GIAC Global Industrial Cyber Security Professional (GICSP)
  o ISA/IEC 62443 Cybersecurity Certificate
  o GIAC Response and Industrial Defense (GRID)
  o ISA Certified Automation Cybersecurity Specialist (IACS)

Job Specific Technical Skills
• OT/ICS systems (SCADA, DCS, PLC)
• OT network architecture (Purdue Model, DMZ, segmentation)
• Microsegmentation & Zero Trust for OT
• Packet analysis & Deep Packet Inspection (DPI)
• Packet brokers & TAP/SPAN technologies
• SIEM & OT monitoring tools (Sentinel, Nozomi, Forescout)
• Incident response in OT environments
• OT threat hunting & anomaly detection
• Threat Detection & Analysis
• Industrial firewalling & remote access security
• OT vulnerability management & asset visibility
• Compliance (IEC 62443, NIST ICS)

Employment Type: Full Time
Company Industry: IT - Software Services
Department / Functional Area: IT Software
Keywords: Software Operator, Security Operation Center, Security Operations, Security Solution, Security Engineer, Security Specialist
- Company: Starlink WLL
- Location: Muscat - Oman
- Category: Cybersecurity
- Source: Naukrigulf
- Listed: 11h ago