Cyber Security Data Engineer

Key Responsibilities:

• Design, implement, and test SIEM and SOAR solutions tailored for OT environments.
• Integrate OT data sources (e.g., IDS, EDR, PLC/DCS logs, network traffic from industrial protocols) into the SIEM platform.
• Develop and maintain custom parsers, normalizers, and correlation rules for OT-specific logs.
• Collaborate with OT operations and engineering teams to understand systems, data sources, and security monitoring requirements.
• Configure and optimize SIEM platforms for performance, scalability, and stability.
• Create OT-focused dashboards and reports to provide actionable security insights.
• Tune SIEM rules to minimize false positives and ensure high-fidelity threat detection.
• Maintain documentation for OT SIEM architecture, data sources, rules, and operational procedures.
• Collaborate with IT security teams to integrate OT and IT security events.
• Stay updated on OT cybersecurity threats, vulnerabilities, and SIEM capabilities.
• Evaluate and recommend new SIEM features, integrations, and security technologies.
• Provide training and support to security analysts and stakeholders on OT SIEM usage.