OT SOC Engineer

OT SOC Engineer

Basingstoke

£28k - £35k + Benefite

Hybrid working x2 days in office / x3 days work from home

I am recruiting in Basingstoke for an OT SOC Engineer to join the OT SOC team and will report directly into the OT Cybersecurity Services Lead.

As an OT SOC Engineer the role will be focused on the day-to-day monitoring of the OT service platform(s) and any other required security applications. You will be the first line of support for clients who have existing support services.

The standard working hours for this role are Monday to Friday, 9:00 AM to 5:30 PM. In addition, you will participate in an on-call rotation on a 1-in-4 basis. On-call duties fall outside your regular working hours and run from Monday at 9:00 AM through to the following Monday at 8:59 AM and uou will be paid extra for the on call duites of the OT SOC Engineer.

OT SOC Engineer Responsibilities:

Continuous / Proactive monitoring of OT security tools (e.g., Nozomi, Fortinet, TXOne) for alerts and anomalies.
Acknowledge, analyse and validate alerts triggered from the OT security tools to reduce false positives and escalate genuine incidents.
Proactively collaborate with internal engineers and customers to assess operational and BAU alerts, establishing baselines to minimise unnecessary noise within OT service security tools.
Triage, investigate, and respond to security incidents, performing root cause analysis and taking steps to mitigate the threat.
Take immediate action on potential and identified cyber security incidents in accordance with agreed SLA's and KPI's.
Proactively research emerging threats and vulnerabilities to find and address potential weaknesses before they are exploited.
Identify potential weaknesses in systems and networks and suggest or help implement preventative measures like firewalls or improved access controls.
Escalate incidents to Level 2 OT SOC or OT Cybersecurity Engineers as per service documentation (i.e. Playbooks or Alert/Incident Management processes).
Adhere to all internal service-related processes such as Alert & Incident Management processes.
Assist with the creation of processes as and when required and to have these align with existing processes.
Document incident reports including actions taken in SOC Ticketing systems.
Analyse data from logs, network traffic, and forensics to create detailed reports on findings and lessons learned. To be utilised in daily / weekly SOC reports for OT Environments.
Management and ownership or service-related documentation such as knowledge bases and playbooks.
Provide training to additional or new members of the Business Unit as and when required.
Assist with liaising with manufactures or tool set providers regarding product or toolset specific issues.
Prepare, maintain, and adhere to procedures for logging, reporting, and
statistically monitoring data as directed.
Ensuring time is accurately logged against client work, for billing purposes.
Identify new technology opportunities to enhance the product and service portfolio.
Respond to emergency outages in accordance with business continuity and disaster recovery plans.
Adopt a proactive approach towards all client activities.
Collaborate with all the Technical Service departments when required to ensure business objectives are met.
Support delivery of projects with chosen technologies as and when required.
Own personal training plan that is put in place with line manager.
Highlight areas for improvement to supervisor where applicable.
Ensuring adherence to Management System Manual for Quality (ISO 9001), Info Sec (ISO 27001) and ESG (ISO 14001).
Follow established OT security procedures aligned with IEC 62443, NIST CSF, and company policies.
Translate complex technical threats into clear business risks for management and collaborate with GRC (Governance, Risk, and Compliance) teams.
Work with other SOC analysts, technical teams, and stakeholders to coordinate responses and share information.
Provide input on and help optimise security tools, such as EDR/XDR and SIEM platforms.
Expectation to assist with other tasks requested by line manager.
OT SOC Engineer Desired Skills/Qualifications/Experience

The following list…