IT/OT SOC Manager

JOB_REQUIREMENTS

Hires in

Not specified

Employment Type

Not specified

Company Location

Not specified

Salary

Not specified

Job Summary:

The IT/OT SOC Delivery Lead is responsible for managing and delivering security operations across both IT (Information Technology) and OT (Operational Technology) environments. This role ensures comprehensive threat detection, response, and monitoring capabilities for corporate systems and industrial control systems (ICS/SCADA). The ideal candidate has deep knowledge of cybersecurity frameworks, IT/OT convergence challenges, and a proven track record in leading SOC operations in critical infrastructure sectors.

Key Responsibilities:

SOC Management & Delivery:

Lead end-to-end delivery of SOC services for both IT and OT environments, including 24/7 monitoring, detection, and incident response.
Manage a team of SOC analysts, threat hunters, and incident responders aligned with both IT and OT domains.
Oversee SOC operational processes, including alert triage, escalation, incident handling, and post-incident reviews.
Ensure efficient service delivery by managing SLAs, KPIs, and continuous improvement metrics.

IT/OT Cybersecurity Integration:

Drive alignment between IT and OT security operations to support a converged cyber defense strategy.
Collaborate with IT, OT, engineering, and plant operations teams to ensure risk-based visibility and protection.
Lead integration of data sources from ICS, SCADA, DCS, PLCs, HMIs, and enterprise IT infrastructure into SIEM/SOAR platforms.
Develop and refine OT-specific detection use cases and playbooks tailored to industrial threats.

Threat Intelligence & Response:

Monitor evolving threats, vulnerabilities, and attack vectors targeting both IT and OT systems.
Lead proactive threat hunting and analysis activities across IT/OT landscapes.
Coordinate incident response activities including containment, investigation, recovery, and root cause analysis.

Governance & Compliance:

Ensure adherence to industry standards and regulatory frameworks such as NIST CSF, IEC 62443, ISO 27001, and NERC CIP.
Support audits, risk assessments, and cyber resilience exercises involving IT/OT infrastructure.

Required Qualifications:

Bachelor s degree in Cybersecurity, Engineering, Computer Science, or a related field.
14+ years of experience in cybersecurity operations, with at least 10 years in a leadership role covering both IT and OT domains.
Strong knowledge of IT security practices, SOC operations, and ICS/SCADA/OT systems.
Experience with SIEM, SOAR, EDR, IDS/IPS, and network security tools (e.g., Splunk, QRadar, Sentinel, Nozomi, Dragos).
Familiarity with protocols and systems common in OT (e.g., Modbus, DNP3, OPC, Siemens, Rockwell).

Preferred Qualifications:

Relevant certifications: CISSP, GICSP, GCIA, SANS ICS410/515, CISM, or equivalent.
Experience in oil & gas, utilities, energy, or other critical infrastructure sectors.
Strong leadership, communication, and stakeholder management skills.