We are seeking a highly skilled OT Cybersecurity Architect / SOC Security Expert to support industrial and critical infrastructure customers worldwide. This role blends Operational Technology (OT) cybersecurity architecture, SOC Level-2 incident response, and customer consulting, helping organizations secure industrial environments such as SCADA, PLC, and control networks. The ideal candidate brings strong hands-on experience across SIEM, SOAR, ICS security, and industrial networking, and thrives in both operational SOC environments and project-based customer engagements.
Key Responsibilities
• Design, implement, and support OT/ICS cybersecurity solutions for industrial control systems (SCADA, PLCs, HMIs, RTUs, control servers).
• Monitor and analyze security events using SIEM platforms; investigate alerts and determine true vs false positives.
• Act as a Level-2 SOC escalation point and collaborate with Incident Response teams.
• Perform threat hunting, malware analysis, forensic support, and root cause analysis.
• Develop and tune SOAR playbooks, automate response workflows, and integrate tools using scripting (Python preferred).
• Provide on-site and remote cybersecurity consulting including troubleshooting, network design, risk assessments, and implementations.
• Develop clear, business-friendly remediation recommendations for customers.
• Apply and align solutions to industry standards and frameworks (IEC 62443, NIST, MITRE ATT&CK for ICS).
• Support customer engagements independently while meeting delivery, quality, and satisfaction targets.
Basic Qualifications
• Bachelor’s degree in Computer Science, Information Systems, Electronics, or equivalent experience.
• 3+ years of experience in cybersecurity SOC operations or security engineering.
• 5+ years of overall IT, networking, or infrastructure experience.
• Hands-on experience with SIEM tools (e.g., Splunk, Chronicle).
• Experience with firewalls, IDS/IPS, endpoint security, and network security controls.
• Knowledge of OT/ICS environments and industrial protocols.
• Strong analytical, troubleshooting, and stakeholder engagement skills.
• Willingness to travel 30–65% as required.
Preferred Qualifications
• Security certifications: CCNA, Security+, GSEC, GCIH, CEH, GCFA, or equivalent.
• Knowledge of IEC 62443, ISO 27001, and MITRE ATT&CK for ICS.
• Experience working in customer-facing cybersecurity roles.
• Knowledge of industrial protocols (Modbus, DNP3, Profibus, S7comm).
About Us
Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.


