OT Cybersecurity Data Engineer focusing on SIEM solutions for OT environments. Collaborating on security measures and optimizing monitoring for industrial infrastructure.
Responsibilities
Design, implement, and test SIEM and SOAR solutions tailored for OT environments, considering the unique challenges and protocols involved.
Integrate various OT data sources (e.g., IDS, EDR, control system logs, network traffic from industrial protocols) into the SIEM platform.
Develop and maintain custom parsers, normalizers, and correlation rules to effectively analyze OT-specific logs and events within the SIEM.
Collaborate with OT operations and engineering teams to understand their systems, data sources, and security monitoring requirements.
Configure and optimize the SIEM platform for performance, scalability, and stability in an OT context.
Develop and maintain OT-focused dashboards and reports within the SIEM to provide actionable insights into security posture and potential threats.
Tune and optimize SIEM rules and alerts to minimize false positives and ensure high-fidelity detection of OT security incidents.
Develop and maintain documentation for the OT SIEM architecture, data sources, rules, and operational procedures.
Collaborate with IT security teams to ensure seamless integration and correlation of security events across both IT and OT environments.
Stay up-to-date on the latest OT cybersecurity threats, vulnerabilities, and SIEM capabilities relevant to industrial control systems.
Evaluate and recommend new SIEM features, integrations, and related security technologies for enhancing OT security monitoring.
Provide training and support to security analysts and other stakeholders on the use of the OT SIEM.
Requirements
Demonstrated experience working with SIEM platforms (e.g., Sumo Logic, Palo Alto Cortex XSOAR) and a strong understanding of their architecture, configuration, and rule development.
Understanding of OT protocols (e.g., Modbus, DNP3, IEC 61850), industrial control systems (e.g., PLC, SCADA, DCS), and their logging mechanisms.
Experience parsing and normalizing complex log formats, including those specific to OT devices and applications.
5+ years of experience integrating OT data sources with enterprise SIEM platforms.
Knowledge of security frameworks and standards relevant to OT (e.g., NIST SP 800-82, IEC 62443).
Experience with scripting languages (e.g., Python, PowerShell) for SIEM automation and data manipulation.
Relevant certifications such as GICSP, GRID, CISSP, or SIEM-specific certifications.
Familiarity with threat intelligence platforms and their integration with SIEM for OT threat detection.
Willingness to work the 12:00 PM to 09:00 PM shift.
Benefits
Comprehensive mindfulness programmes with a premium membership to Calm.
Volunteer Paid Time off available after 6 months of employment for eligible employees.
Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
Employee Assistance Program.
Personalised wellbeing programmes through our OnTrack programme.
On-demand digital course library for professional development.