SOC

Primary Skills:

• Deep understanding of Modbus, DNP3, OPC, SCADA, DCS, PLCs
• Familiarity with industrial network topologies
• Proficient in SIEM tools (Microsoft Sentinel, Splunk, QRadar)
• Experience with OT-specific monitoring platforms (Nozomi Networks, Claroty, Dragos)
• Knowledge of frameworks like NIST, MITRE ATT&CK for ICS, Cyber Kill Chain
• Malware analysis and sandbox investigation
• RCA and forensic investigation
• Skilled in analyzing access logs, network traffic, and protocol behavior
• Understanding of firewalls, WAFs, proxies, and segmentation in OT environments
• Use of platforms like Recorded Future, THOR Scanner, VMRay
• Behavioral analysis and attack-path simulation

Secondary Skills:

• Experience in Red Team/Blue Team exercises
• Exposure to GRC platforms and OT risk assessment tools
• Familiarity with ISA/IEC 62443, NIST SP 800-82
• NIST Cybersecurity Framework (CSF) ISO 27001
• Ability to work with IT SOC and CIR teams
• Coordination with OT engineers and external vendors
• Documentation and playbook development