Security Operations Center Analyst in Hampshire

You will be working in the OT SOC team and will report directly into the OT Cybersecurity Services Lead (Line Manager).

The role will be focused on the day-to-day monitoring of the OT service platform(s) and any other required security applications. You will be the first line of support for clients who have existing support services., * Continuous / Proactive monitoring of OT security tools (e.g., Nozomi, Fortinet, TXOne) for alerts and anomalies.

• Acknowledge, analyse and validate alerts triggered from the OT security tools to reduce false positives and escalate genuine incidents.
• Proactively collaborate with internal engineers and customers to assess operational and BAU alerts, establishing baselines to minimise unnecessary noise within OT service security tools.
• Triage, investigate, and respond to security incidents, performing root cause analysis and taking steps to mitigate the threat.
• Take immediate action on potential and identified cyber security incidents in accordance with agreed SLA's and KPI's.
• Identify potential weaknesses in systems and networks and suggest or help implement preventative measures like firewalls or improved access controls.
• Escalate incidents to Level 2 OT SOC or OT Cybersecurity Engineers as per service documentation (i.e. Playbooks or Alert/Incident Management processes).
• Adhere to all internal service-related processes such as Alert & Incident Management processes.
• Document incident reports including actions taken in SOC Ticketing systems.
• Analyse data from logs, network traffic, and forensics to create detailed reports on findings and lessons learned. To be utilised in daily / weekly SOC reports for OT Environments.
• Assist with liaising with manufactures or tool set providers regarding product or toolset specific issues.
• Prepare, maintain, and adhere to procedures for logging, reporting, and statistically monitoring data as directed.
• Respond to emergency outages in accordance with business continuity and disaster recovery plans.
• Collaborate with all the Technical Service departments when required to ensure business objectives are met.
• Highlight areas for improvement to supervisor where applicable.
• Ensuring adherence to Management System Manual for Quality (ISO 9001), InfoSec (ISO 27001) and ESG (ISO 14001).
• Follow established OT security procedures aligned with IEC 62443, NIST CSF, and company policies.
• Translate complex technical threats into clear business risks for management and collaborate with GRC (Governance, Risk, and Compliance) teams.
• Provide input on and help optimise security tools, such as EDR/XDR and SIEM platforms.

• Degree in Cybersecurity or similar.
• Experience with Cyber Security Monitoring tools.
• Experience working in an IT Support or Security/SOC team.
• Experience working in an OT environment.
• Understanding or knowledge of devices specific to an OT environment.
• Understanding of OT specific legislations or regulations such as IEC62443.
• ICS/SCADA systems and OT network architecture.
• Common OT protocols (Modbus, DNP3, OPC).
• Experience/Understanding of SIEM/SOAR solutions and OT-specific monitoring platforms (e.g. Nozomi Vantage).
• Knowledge of network environments (routing switching VLANS Security Wireless etc.).
• Knowledge of Firewalls (IDS/IPS/DPI/WAF/Web Filter/App Control).
• Knowledge of security concepts (CIA/MITRE ATT&CK Framework/Vulnerabilities).
• Knowledge of cybersecurity fundamentals (CIA triad, threat vectors).
• Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
• CompTIA Security+ / CySA+ or similar.
• Vendor Certifications - Cisco, Nozomi, Fortinet.
• Knowledge of scripting - Python, Powershell, Perl desirable.

Energy Jobline is the largest and fastest growing global Energy Job Board and Energy Hub. We have an audience reach of over 7 million energy professionals, 400,000+ monthly advertised global energy and engineering jobs, and work with the leading energy companies worldwide. We focus on the Oil & Gas, Renewables, Engineering, Power, and Nuclear markets as well as emerging technologies in EV, Battery, and Fusion. We are committed to ensuring that we offer the most exciting career opportunities from around the world for our jobseekers.