OT Network Traffic Analyst – Anomaly Detection Specialist

Description

We are seeking a skilled OT Network Traffic Analyst with deep expertise in Operational Technology (OT) communication protocols to join our cross-functional security and ML team. The ideal candidate will be responsible for intercepting and analyzing OT network traffic, identifying potential anomalies, and contributing to the development of cutting-edge anomaly detection solutions — even across proprietary and undocumented protocols. This is a hands-on role requiring both technical proficiency in network traffic inspection and the ability to collaborate with machine learning engineers and cybersecurity experts.

Responsibilities

• Intercept, monitor, and analyze traffic from OT/ICS networks in real-time and from historical captures.
• Perform protocol-level inspection across standard (e.g., Modbus, DNP3, OPC-UA, IEC 61850) and proprietary OT communication protocols.
• Reverse engineer undocumented or proprietary OT protocols where necessary.
• Identify and flag anomalous behavior or patterns in the traffic, correlating with known attack vectors or operational deviations.
• Collaborate with ML engineers to define features and data inputs for anomaly detection models.
• Contribute domain expertise in OT to refine, validate, and test detection algorithms.
• Assist in setting up testbeds and simulations to emulate OT environments and collect relevant traffic data.
• Document findings and create actionable reports for both technical and non-technical stakeholders.
• Stay current with advancements in OT threat intelligence and anomaly detection research.

Eligibility

• Bachelor's or Master's degree in Computer Science, Electrical Engineering, Cybersecurity, or a related field.
• 3+ years of experience working in OT/ICS environments.
• Deep understanding of OT communication protocols (e.g., Modbus, BACnet, PROFINET, OPC, etc.), including the ability to analyze raw packet captures.
• Experience with network traffic analysis tools (Wireshark, Zeek, tcpdump, etc.).
• Familiarity with network intrusion detection systems (NIDS) and traffic replay tools.
• Basic knowledge of machine learning concepts and how data features are derived from raw data.
• Hands-on experience with packet inspection, protocol dissection, or protocol reverse engineering.

Desired Eligibility

• Experience working with or developing anomaly detection models in cybersecurity.
• Knowledge of ICS/SCADA systems and the Purdue model.
• Exposure to proprietary or vendor-specific OT protocols (e.g., Siemens S7, GE, Allen-Bradley, etc.).
• Familiarity with cybersecurity frameworks like NIST, MITRE ATT&CK for ICS.
• Scripting or automation skills (Python, Bash) for parsing and transforming traffic data.
• Prior experience in cross-functional teams, including ML and cybersecurity experts.

Why Join Us?

• Work on cutting-edge anomaly detection in real-world OT environments.
• Collaborate with a high-caliber team of machine learning and cybersecurity professionals.
• Tackle novel challenges across legacy and proprietary OT protocols.
• Flexible work environment and opportunity to influence core security products.

Travel

As and when required, across the country for project execution and monitoring as well as for coordination with geographically distributed teams.

Communication

Submit a cover letter summarising your experience in relevant technologies and software, along with a resume and the Latest passport-size photograph.