Job
Description
Job Summary: As an OT Cybersecurity Detection Engineer, you will be responsible for designing, implementing, and managing detection strategies and tools to respond to cyber threats targeting critical OT/ICS environments. You will work with both internal and external cyber security teams to ensure the security and resilience of our industrial infrastructure. We are looking for an understanding of OT protocols, industrial control systems, OT threat intelligence and cybersecurity best practices, coupled with. You will report to the Cyber Team Leader and have a hybrid schedule working in Hinjewadi-Pune. Your Responsibilities: Develop detection rules, correlation searches, and alerting mechanisms within our Security Information and Event Management (SIEM) and other security monitoring tools specifically tailored for OT environments. Analyze OT network traffic, system logs, and security events to identify suspicious activity, anomalies, and potential security incidents. Develop of OT protocols (e.g., Modbus, DNP3, IEC 61850), industrial control systems (e.g., PLC, SCADA, DCS), and their security possible effects. Collaborate with OT operations and engineering teams to understand their processes, and potential vulnerabilities. Tune and optimize detection rules to minimise false positives and ensure high-fidelity alerts. Maintain documentation for detection strategies, rules, and incident response procedures specific to OT. Participate in incident response activities related to OT cybersecurity incidents, providing technical expertise in detection and analysis. Contribute to the development of OT security policies, standards, and procedures. Stay up-to-date on the latest OT cybersecurity threats, vulnerabilities, and mitigation techniques. Recommend new security tools relevant to OT detection capabilities. Collaborate with IT security teams to ensure a cohesive and integrated security posture across both IT and OT environments. Develop and deliver training or awareness sessions on OT-specific detection techniques for relevant teams. The Essentials - You Will Have: Have 2-3years strong understanding of OT protocols, architectures, and common industrial control systems Experience with SIEM\SOAR platforms and developing custom correlation rules and alerts. Experience analyzing network traffic using tools like Wireshark and understanding OT-specific network protocols. Knowledge of common cybersecurity frameworks and standards relevant to OT (e.g., NIST SP 800-82, IEC 62443) Familiarity with threat intelligence sources and their application to OT environments. Technical information to both technical and non-technical audiences. Understand internal or external customer needs. The Preferred - You Might Also Have: You will have to understand relevant evolving technology, understand complex technology dependency and working across a range of service offerings that may use a wide array of technologies and partners. Across multiple departments with different goals. Develop important product and service launches. Collaborative culture across the automation engineering team while meeting CI goals Adopt technology best practices around technology vendor evaluation and managing maintenance of technology platforms. What We Offer: Our benefits package includes Comprehensive mindfulness programmes with a premium membership to Calm Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme - Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program Personalised wellbeing programmes through our OnTrack programme On-demand digital course library for professional development ... and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if youre excited about this role but your experience doesnt align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. #LI-Hybrid #LI-SM1 Rockwell Automation s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.
