Cyber Security Specialist

Posted 1 day ago by iXceed Solutions

Negotiable
Undetermined
Undetermined
Coventry, England, United Kingdom

Summary: The Cyber Security Specialist role requires over 10 years of experience in cybersecurity, focusing on designing and implementing security solutions for OT/ICS environments. The position involves responsibilities across multiple domains, including OT security, SOC operations, and infrastructure security, with a strong emphasis on deploying and managing security tools and frameworks. Candidates must demonstrate expertise in various cybersecurity frameworks and protocols, as well as the ability to lead and execute complex security initiatives.

Key Responsibilities:

  • Designing and implementing technical solutions for asset discovery, OT cyber security, and vulnerability assessment tools.
  • Defining and implementing OT-specific security policies and monitoring rules within Nozomi.
  • Deploying OT Security (Nozomi)/IDS platform across global sites.
  • Providing implementation support and reporting for ICS security using tools like SIEM.
  • Leading Sentinel Deployment for OT SOC and architecting Microsoft Sentinel across global OT environments.
  • Configuring and onboarding diverse log sources into Sentinel.
  • Developing and fine-tuning KQL-based analytics rules tailored to OT threat scenarios.
  • Integrating threat intelligence feeds into Sentinel to enhance detection capabilities.
  • Designing and implementing playbooks using Logic Apps for incident response automation.
  • Building custom workbooks and dashboards to visualize OT security posture and SOC performance metrics.
  • Configuring and ensuring availability of required logs into Sentinel.
  • Planning and deploying EDR agents on relevant endpoints and tuning settings for optimal performance.
  • Documenting deployment steps, configurations, and integration details.

Key Skills:

  • 10+ years of experience in cybersecurity, specifically in OT/ICS environments.
  • Expertise in cybersecurity frameworks such as NIST SP 800-82 and IEC 62443.
  • Proficiency in OT network communication protocols (e.g., Ethernet, Modbus, OPC, IEC-101/104).
  • Experience with SIEM, SOAR, and threat intelligence integration.
  • Strong knowledge of Microsoft Sentinel and KQL for analytics.
  • Familiarity with EDR solutions, particularly CrowdStrike.
  • Ability to design and implement incident response workflows.
  • Excellent documentation and reporting skills.

Salary (Rate): undetermined

City: Coventry

Country: United Kingdom

Working Arrangements: undetermined

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Multiple Roles:

OT/IoT Security SME

Role: 10+ years of experience in cyber security, covering the design and implementation of ICS/OT network architectures, cybersecurity frameworks for ICS/OT environments (NIST SP 800-82 and IEC 62443), OT network communication protocols (e.g., Ethernet, Modbus, OPC, IEC-101/104), and Security Information and Event Management (SIEM).

Key Responsibilities:

  • Designing and implementing technical solutions for asset discovery, OT cyber security, and vulnerability assessment tools.
  • Defining and implementing OT-specific security policies and monitoring rules within Nozomi to detect anomalies, threats, and compliance violations.
  • Deploying the OT Security (Nozomi)/IDS platform across global sites.
  • Providing implementation support and reporting for ICS security with the help of tools like SIEM.
  • Testing the OT security use cases.

SOC SME

Role: 10+ years of experience in cyber security, covering the design and implementation of network security, SIEM, SOAR, and threat intelligence.

Key Responsibilities:

  • Lead Sentinel Deployment for OT SOC: Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response.
  • Log Source Integration: Configure and onboard diverse log sources, including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems, into Sentinel.
  • Custom Analytics & Detection Rules: Develop and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives.
  • Threat Intelligence Integration: Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape.
  • Incident Response Automation: Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events.
  • Execution of the use cases on SIEM, SOAR & Threat Intelligence: Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics.

Infra Security SME

Role: 10+ years of experience in cyber security, covering the design and implementation of security agents, development, security agent migration, physical security exploitation and the addressing of design flaws, and endpoint security.

Key Responsibilities:

  • Configure and ensure availability of required logs into Sentinel (such as EDR, Qualys, firewalls, etc.).
  • EDR Deployment Planning: Assess the lab infrastructure and endpoints to determine deployment scope and strategy. Plan for agent installation, network requirements, and compatibility with existing systems.
  • Deploy Falcon agents on the chosen relevant endpoints.
  • Tune settings to minimize false positives while maintaining a strong security posture.
  • Work with the SOC consultant to configure alert rules and incident response workflows in Sentinel based on CrowdStrike telemetry.
  • Simulate endpoint threats to validate EDR detection and SIEM alerting.
  • Test CrowdStrike's performance against the OT security visibility and threat protection use cases.
  • Set up data connectors between CrowdStrike and Sentinel using APIs or native integrations.
  • Documentation & Reporting: Document deployment steps, configurations, and integration details.