OT Cybersecurity Analyst

The Cybersecurity Analyst is responsible for monitoring, documenting, and supporting the cybersecurity posture of client's IT and OT environments. This role focuses on reviewing and analyzing security alerts, identifying vulnerabilities, maintaining cybersecurity configurations, and escalating potential threats or incidents to senior team members. The analyst leverages data from multiple cyber defense tools (e.g., SIEM, IDS/IPS, firewalls, network traffic logs) to detect, analyze, and mitigate cybersecurity threats across corporate and operational technology networks.Essential Duties & ResponsibilitiesMonitor, detect, identify, and alert on potential cyberattacks, intrusions, anomalous activity, and misuse eventsAnalyze alerts and logs to distinguish malicious activity from normal system behaviorSupport protection of corporate and operational networks through continuous monitoring and analysisAnalyze logs, packets, and security messages from various systems and applicationsIdentify cyber threat tactics, techniques, and methods (TTPs)Identify, document, and help remediate gaps in the organization's cybersecurity postureTest systems for vulnerabilities and support vulnerability management initiativesDocument and escalate incidents in accordance with established proceduresRespond to urgent cybersecurity events and incidents, including after-hours support as neededReview incidents to determine root cause and operational impactMonitor external threats and hostile content directed toward organizational or partner interestsRecommend procedural improvements to support strong cyber hygienePrepare threat briefings, situational updates, and threat activity reportsTrack and report on adversarial activity across enterprise environmentsEnvironment & Technical FocusCorporate IT network supporting internet access, routing, security policies, and user accessOperational Technology (OT) environments supporting building systems such as:HVAC, lighting, and electrical systemsAccess control and CCTVBuilding automation and scheduling systemsMedium-sized, distributed campus environment with fiber-optic infrastructureMultiple building environments, each operating as an isolated network within a single domainExposure to log collection, remote troubleshooting, and system monitoring across both IT and OT systemsEducation & Required ExperienceAssociate's or Bachelor's degree in business, technology, or a related field preferred3-5 years of experience in IT security or cybersecurityExperience with SIEM platforms, IDS, and IPS technologiesExperience working with logs, network packets, and security event dataBasic scripting skills (Python, PowerShell, Bash)Experience with vulnerability management and testingExperience with network packet analysisExperience with log analysis and log managementExperience with cloud security management interfacesExperience with enterprise authentication systems (e.g., Active Directory, IAM platforms)Incident handling and response experience preferredWorking knowledge of:Core cybersecurity concepts (CIA triad, encryption, risk management)Networking protocols and traffic flowCybersecurity threats, vulnerabilities, and threat huntingCybersecurity laws and regulationsFamiliarity with security frameworks such as NIST and MITRE ATT&CK preferredUnderstanding of differences between IT and OT network environmentsExperience working on project teams; project management exposure preferredIntermediate understanding of threat intelligence research and methodologiesFamiliarity with adversarial TTPs

Created: 2026-02-08