Job Description
We are seeking a highly skilled OT Cybersecurity Architect / SOC Security Expert to support industrial and critical infrastructure customers worldwide. This role blends Operational Technology (OT) cybersecurity architecture, SOC Level-2 incident response, and customer consulting, helping organizations secure industrial environments such as SCADA, PLC, and control networks. The ideal candidate brings strong hands-on experience across SIEM, SOAR, ICS security, and industrial networking, and thrives in both operational SOC environments and project-based customer engagements.
Responsibilities
Key Responsibilities
- Design, implement, and support OT/ICS cybersecurity solutions for industrial control systems (SCADA, PLCs, HMIs, RTUs, control servers).
- Monitor and analyze security events using SIEM platforms; investigate alerts and determine true vs false positives.
- Act as a Level-2 SOC escalation point and collaborate with Incident Response teams.
- Perform threat hunting, malware analysis, forensic support, and root cause analysis.
- Develop and tune SOAR playbooks, automate response workflows, and integrate tools using scripting (Python preferred).
- Provide on-site and remote cybersecurity consulting including troubleshooting, network design, risk assessments, and implementations.
- Develop clear, business-friendly remediation recommendations for customers.
- Apply and align solutions to industry standards and frameworks (IEC 62443, NIST, MITRE ATT&CK for ICS).
- Support customer engagements independently while meeting delivery, quality, and satisfaction targets.
Qualifications
Basic Qualifications
- Bachelor's degree in Computer Science, Information Systems, Electronics, or equivalent experience.
- 3+ years of experience in cybersecurity SOC operations or security engineering.
- 5+ years of overall IT, networking, or infrastructure experience.
- Hands-on experience with SIEM tools (e.g., Splunk, Chronicle).
- Experience with firewalls, IDS/IPS, endpoint security, and network security controls.
- Knowledge of OT/ICS environments and industrial protocols.
- Strong analytical, troubleshooting, and stakeholder engagement skills.
- Willingness to travel 30–65% as required.
Preferred Qualifications
- Security certifications: CCNA, Security+, GSEC, GCIH, CEH, GCFA, or equivalent.
- Knowledge of IEC 62443, ISO 27001, and MITRE ATT&CK for ICS.
- Experience working in customer-facing cybersecurity roles.
- Knowledge of industrial protocols (Modbus, DNP3, Profibus, S7comm).
About Us
Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.