Lead OT Incident Responder

Bridewell Stand: C6

This role requires someone who specializes in building and maintaining OT incident response capabilities across both SOC services and consulting engagements, working to enhance clients' OT security programs whilst developing internal expertise.
 

What you'll be doing

  • Self-manage the development and maturity of our OT incident response service offerings, including technical documentation, playbooks, and response procedures tailored for ICS/OT environments.
  • Build and implement OT incident response processes for SOC analysts, including triage procedures, investigation methods, and escalation paths for industrial control systems, occasionally serving as the escalation point.
  • Lead technical investigations into OT security incidents, providing expert guidance on containment and remediation while considering operational impact and safety.
  • Develop a team of OT incident responders, offering technical mentorship and ensuring consistent delivery across multiple client environments.
  • Support and guide customers in developing OT incident detection and response capabilities.
  • Design and maintain OT‑specific incident response plans and playbooks aligned with industry standards and best practices.
  • Act as a thought leader in OT security through blogs, whitepapers, webinars, and speaking engagements.
  • Create and deliver OT cyber incident exercises and tabletop scenarios for technical and executive stakeholders using realistic threat intelligence.
  • Serve as senior incident coordinator during active OT incidents, managing communications and balancing security with operational continuity.