Full Time
Starlink WLL
Doha, Qatar
Job Details

Job Description

Roles & Responsibilities

Security Monitoring & Threat Detection

  • Administer, manage, and support the deployment and tuning of OT security tools (Nozomi, Forescout).

  • Monitor OT/ICS environments using SIEM and OT security monitoring platforms

  • Detect, analyze, and respond to cyber threats targeting industrial control systems

  • Support and enforce microsegmentation strategies for OT network zones (Purdue Model alignment)

  • Collaborate with engineering teams to safely implement containment actions in live OT environments

  • Conduct threat hunting across industrial environments using network and log data

  • Handle and support incident response for OT cyber events with minimal operational disruption

  • Maintain OT asset visibility and network behavior baselines

  • Ensure compliance with IEC 62443, NIST ICS, and organizational security standards

  • Work with firewall, IDS/IPS, NAC, and segmentation technologies in OT networks

Detection Engineering & Use Case Management

  • Develop and tune OT-specific detection rules and correlation logic in SIEM platforms.

  • Align detection use cases with MITRE ATT&CK for ICS framework.

  • Reduce false positives and improve detection accuracy and coverage.

  • Periodically review and optimize alert thresholds and detection logic.

  • Support OT security architecture integrating SIEM, IDS/IPS, packet brokers, and segmentation tools.

  • Assist in onboarding log sources, parser development, and normalization of OT data.

  • Optimize dashboards, alerts, and reporting for operational visibility.

OT Network Visibility, Packet Analysis & Traffic Engineering

  • Operate packet brokers and TAP infrastructure to enable full OT network visibility.

  • Perform deep packet inspection of industrial protocols (Modbus, DNP3, OPC-UA, IEC 104, EtherNet/IP).

  • Analyze east-west and north-south traffic for suspicious activity and lateral movement.

  • Identify unauthorized communications and protocol anomalies.

  • Support network telemetry collection for OT environments.

Asset Visibility, Threat Hunting & Compliance Management

  • Maintain complete OT asset inventory and network topology visibility.

  • Identify unauthorized devices, rogue connections, and shadow OT assets.

  • Conduct proactive threat hunting using logs, network telemetry, and behavioral analytics.

  • Correlate threat intelligence with OT environment risks and vulnerabilities.

  • Ensure compliance with IEC 62443, NIST ICS, ISO standards, and internal security policies.

  • Support internal/external audits and provide security evidence for compliance reporting.

  • Contribute to risk assessments and OT security posture improvement initiatives.

Reporting & Stakeholder Management

  • Prepare and present OT security reports (incidents, risks, and trends)

  • Maintain dashboards for vulnerabilities, threats, and compliance status

  • Communicate critical incidents and risks to SOC, OT, and business stakeholders

  • Provide executive-level reporting on OT security posture and exposure

  • Track remediation status and SLAs

  • Support audit and regulatory reporting requirements (IEC 62443, NIST ICS)

Desired Candidate Profile

Education and Certification Requirements

  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field.

  • Certification (any one is mandatory):

    ◦ GIAC Global Industrial Cyber Security Professional (GICSP)

    ◦ ISA/IEC 62443 Cybersecurity Certificate

    ◦ GIAC Response and Industrial Defense (GRID)

    ◦ ISA Certified Automation Cybersecurity Specialist (IACS)

Job Specific Technical Skills

  • OT/ICS systems (SCADA, DCS, PLC)

  • OT network architecture (Purdue Model, DMZ, segmentation)

  • Microsegmentation & Zero Trust for OT

  • Packet analysis & Deep Packet Inspection (DPI)

  • Packet brokers & TAP/SPAN technologies

  • SIEM & OT monitoring tools (Sentinel, Nozomi, Forescout)

  • Incident response in OT environments

  • OT threat hunting & anomaly detection

  • Threat Detection & Analysis

  • Industrial firewalling & remote access security

  • OT vulnerability management & asset visibility

  • Compliance (IEC 62443, NIST ICS)
