Job Title
We are seeking a technically skilled and proactive Analyst with a focus on Operational Technology (OT) environments.
The Role Involves:
* Handling escalated incidents, collaborating with platform teams, and enhancing threat detection logic across OT systems.
* Supporting incident response and improving alert fidelity, particularly within platforms such as Nozomi Networks and Microsoft Sentinel.
Key Responsibilities:
* Provide incident handling and escalation support for critical alerts, especially from the Nozomi platform.
* Advise on isolating security issues and recommend remediation strategies.
* Lead incident response and threat containment activities in OT environments.
* Collaborate with the Nozomi platform team to fine-tune rules and reduce alert noise in Sentinel.
* Create and maintain playbooks for automating incident response related to Nozomi alerts.
* Enhance threat detection logic and perform false positive tuning to improve alert quality.
Requirements:
* Experience in SOC operations, particularly in OT environments.
* Hands-on knowledge of Nozomi Networks and Microsoft Sentinel platforms.
* Familiarity with incident response workflows, playbook creation, and alert tuning.
* Strong analytical and problem-solving skills.
* Ability to work in a 24x7 operational environment and collaborate across teams.
* Good communication skills and attention to detail.
* Advanced English (B2/C1).
* Certified in Microsoft (IT) and Nozomi (OT) (MANDATORY).