Industrial Control Systems (ICS) Security Specialist

About The Position

Requirements

• Hands‑on experience supporting cybersecurity controls within PCN, OT, or ICS environments
• Practical knowledge of IDS technologies in industrial networks (Microsoft IDS preferred)
• Experience with Microsoft security technologies and Azure security services
• Azure Data Explorer (ADX) for log ingestion, querying, and analytics
• Working knowledge of Kusto Query Language (KQL) for log analysis and threat hunting (preferred)
• Experience supporting SOC workflows and incident handling processes
• Understanding of OT / PCN constraints, including safety, availability, and reliability requirements
• Strong collaboration, documentation, and technical communication skills

Nice To Haves

• Microsoft IDS preferred
• Kusto Query Language (KQL) for log analysis and threat hunting

Responsibilities

• Deploy, operate, and maintain IDS solutions within PCN / OT environments, including Microsoft‑based IDS technologies.
• Monitor IDS alerts and security telemetry, using Azure‑based reporting and analytics platforms such as Azure Data Explorer (ADX).
• Tune and optimize IDS use cases to improve detection accuracy and reduce false positives.
• Monitor network traffic patterns and security events to identify potential threats and anomalous behavior.
• Perform operational threat hunting activities across PCN environments.
• Investigate detected security events to determine severity, impact, and required response.
• Support incident response and investigation activities in collaboration with the SOC, including post‑incident analysis.
• Execute incident response and notification activities in alignment with the Global BP Digital security incident management process.
• Analyze security events using enterprise tools, including firewalls, Windows Active Directory event logs, syslog, antivirus platforms, file integrity monitoring, vulnerability scanners, and IDS tooling.
• Perform detailed traffic analysis, configuration review, and event correlation to support accurate issue identification and root cause analysis.
• Support evaluation and adoption of new or enhanced Microsoft security capabilities for PCN use cases.
• Contribute to tool integration, scripting, and DevSecOps‑oriented automation (including API‑based solutions where applicable).
• Develop and maintain operational procedures, runbooks, and documentation for IDS and security services.
• Support automation of routine tasks such as reporting, data collection, and operational health checks to improve efficiency and analytical focus.
• Suggest and contribute to improvements in monitoring content and security use cases in collaboration with senior team members.
• Work closely with Digital Security (DS) leaders across global PCN environments to support investigations and site‑specific security needs.
• Collaborate with OT, PCN, IT security teams, vendors, and the SOC to support secure and reliable operations.
• Participate in cross‑regional coordination, shift handovers, and follow‑the‑sun operational support.
• Contribute to structured knowledge sharing and ongoing enablement of regional teams.

Benefits

• flexible working options
• a generous paid parental leave policy
• excellent retirement benefits