Cyber Security Data Engineer

Key Responsibilities:

• Design, implement, and test SIEM and SOAR solutions for OT environments.
• Integrate OT data sources (IDS, EDR, control system logs, industrial network traffic) into SIEM platforms.
• Develop and maintain custom parsers, normalizers, and correlation rules for OT-specific logs.
• Collaborate with OT operations and engineering teams to understand systems and monitoring requirements.
• Configure and optimize SIEM platforms for performance, scalability, and stability in OT contexts.
• Develop OT-focused dashboards and reports for actionable security insights.
• Tune SIEM rules to reduce false positives and ensure high-fidelity threat detection.
• Document OT SIEM architecture, data sources, rules, and operational procedures.
• Ensure integration and correlation of security events across IT and OT environments.
• Stay updated on OT cybersecurity threats and SIEM capabilities.
• Evaluate and recommend new SIEM features and integrations.
• Provide training and support to security analysts and stakeholders on OT SIEM usage.