About The Position

This role is for an Operational Technology (OT) Security Detection & Response Engineer II to design and operationalize detection strategies, incident response playbooks, and security workflows across OT and traditional Information Technology (IT) environments. This role will be responsible for building the foundation of how our Security Operations Center (SOC) detects, investigates, and responds to cyber threats impacting industrial systems, with a strong emphasis on safety, uptime, and real-world operational constraints.

Requirements

  • Bachelor’s degree in Computer Science, Information Systems, or related field
  • 2+ years in OT/ICS or critical infrastructure environments
  • Cybersecurity experience in SOC, detection engineering, or incident response
  • Experience building detections, playbooks, and response processes
  • Understanding of safety and availability constraints in OT environments
  • Experience designing OT-safe response strategies
  • Familiarity with incident response model(s) and segmentation
  • Ability to coordinate with plant operations teams
  • Experience building detection capabilities from scratch
  • Ability to translate threats into detection + playbook + response workflows
  • Strong IT/OT bridging capability
  • Experience working with SOC analysts and IT/OT engineers

Nice To Haves

  • Security-related certifications (GICSP, CISSP, or GCIP) or IEC 62443 / ICS-related training preferred

Responsibilities

  • Design and build OT-specific detection use cases, correlation rules, and analytics in SIEM/SOAR platforms
  • Create alerts using ICS/SCADA/OT logs, network telemetry, and industrial protocols
  • Tune detections to reduce false positives and improve fidelity
  • Develop SOC playbooks and SOAR workflows for OT incident response to integrate with existing IT processes
  • Translate detections into actionable investigation and containment steps
  • Automate alert enrichment and triage workflows
  • Design detection-to-recovery response processes for OT incidents
  • Ensure response actions do not disrupt safety or operations
  • Support investigations and root cause analysis
  • Integrate OT telemetry into enterprise SOC workflows
  • Collaborate with SOC, IT security, and OT engineering teams
  • Enhance detection coverage and reduce gaps
  • Track MTTD/MTTR and effectiveness of playbooks

Benefits

  • Comprehensive engineering, supply chain, and manufacturing solutions
  • Global reach with local expertise
  • Scalable and customized solutions
  • Sustainable processes that minimize environmental impact
  • Foster vibrant and diverse communities
© 2026 Teal Labs, Inc