Lead SOC Engineer (OT Cybersecurity)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Overview OT Detection is a senior technical and engineering leader role focused on designing and implementing advanced threat detection capabilities within OT environments.
Key Skills for This Role
Full Job Posting
Overview
OT Detection is a senior technical and engineering leader role focused on designing and implementing advanced threat detection capabilities within OT environments.
Operating within CPX’s hybrid Security Operations Centers (SOCs), this role emphasizes engineering detection logic, integrating OT telemetry, and enhancing visibility across ICS/SCADA systems.
The position requires deep expertise in OT cybersecurity, threat hunting, and SOC operations, with a strong understanding of regional industrial sectors and compliance frameworks.
Responsibilities
- Detection Engineering : Design, develop, and fine tune OT specific detection use cases, correlation rules, and analytics within SIEM platforms to enhance threat visibility and reduce false positives.
- SOAR Playbook Engineering: Build, maintain, and optimize SOAR playbooks to automate investigation and response workflows for OT and IT security events.
- Alert Development & SOC Enablement: Create, refine, and document SOC alert logic to ensure high fidelity detection and smooth operational handover to analysts.
- Tool Integration: Deploy, configure, and optimize OT security platforms such as Dragos, Claroty, and Nozomi to improve monitoring coverage and asset visibility.
- Telemetry Onboarding: Integrate OT data sources—including PLC logs, historian data, network telemetry, and asset inventories—into SIEM/SOAR and broader SOC workflows.
- SOC Collaboration: Partner closely with SOC analysts and IT/OT teams to validate detections, enhance triage processes, and ensure seamless integration of OT monitoring capabilities.
- Compliance Alignment: Ensure all detection and response strategies align with relevant regulatory and industry frameworks, including NESA, SAMA, NIST 800 82, and IEC 62443.
- Incident Support: Lead or support technical investigations involving OT assets, providing deep expertise during incident response activities and post incident reviews.
Skills And Certifications (Technical & Non-Technical : -
- Advanced OT Detection Engineering: Proven ability to design and implement high-fidelity detection logic tailored to OT environments, including ICS/SCADA systems and industrial protocols.
- Deep Protocol Expertise: Strong hands-on experience with OT/ICS protocols such as Modbus, DNP3, OPC, IEC 61850, and their behavioral patterns in threat scenarios.
- SIEM Use Case Development: Extensive experience building and tuning OT-specific use cases and correlation rules in SIEM platforms (e.g., QRadar, Splunk), with a focus on minimizing false positives and enhancing alert fidelity.
- Telemetry Integration: Skilled in onboarding OT telemetry sources (e.g., PLC logs, historian data, network traffic) into SOC workflows for enhanced visibility and detection.
- Scripting & Automation: Proficient in Python and PowerShell for automating detection workflows, parsing OT logs, and building custom alerting mechanisms.
- Cross-Domain Collaboration: Strong communication and collaboration skills to work effectively with SOC analysts, OT engineers, and incident response teams.
- Operational Awareness: Deep understanding of SOC operations, OT threat landscapes, and the unique challenges of securing industrial environments in the Middle East.
- Certifications : -
- Cybersecurity: CISSP, CISM, or equivalent.
- OT-Specific: GICSP, GRID, ISA/IEC 62443 Cybersecurity Certificate, Dragos, Nozomi.
- Networking: CCNP/CCIE.
- Additional certifications related to SOAR or SIEM solutions would be considered an advantage
Minimum Work Experience : -
- Minimum of 8–10 years in SOC operations, with significant experience in OT cybersecurity.
- Prior experience in a lead engineering role within a SOC or industrial cybersecurity environment.
Education
- Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field.
- Master’s degree or equivalent recognized cybersecurity certifications preferred
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at CPX
SOC Platform Engineer
Abu Dhabi Emirate, UAE
CPX is hiring a SOC Platform Engineer with at least 4 years of experience to manage Threat Intelligence Platforms and other SOC solutions. The role involves platform management, integration with SOC tools, automation dev
Associate Consultant – Cyber Consulting Services
Abu Dhabi Emirate, UAE
We are seeking an Associate Consultant to support Cyber Academy engagements including training, advisory, cyber exercises, and awareness. You will assist in developing training materials, conducting research, and support
Senior Specialist Threat Intelligence Analyst
Abu Dhabi, UAE
CPX is seeking a Lead Threat Intelligence Analyst to conduct all-source intelligence analysis, manage threat intelligence platforms, and produce high-quality assessments. The ideal candidate has 8+ years of experience in
Lead - Threat Intelligence
Abu Dhabi, UAE
CPX seeks a Lead Threat Intelligence Analyst to conduct all-source intelligence analysis, manage threat intelligence platforms, and produce high-quality intelligence products. The role requires strong analytical skills,
Junior Legal Counsel
Abu Dhabi, UAE
CPX is looking for a Junior Legal Counsel to provide legal advice on technology transactions, corporate governance, regulatory, compliance, and intellectual property matters. The role requires 1-3 years of PQE with compl
Specialist - HSE
Abu Dhabi, UAE
CPX seeks an experienced HSE Officer to ensure health, safety, and environmental governance during OT cybersecurity and critical infrastructure projects in substations and control centers. The role involves managing HSE
Lead Consultant - Client Success (CPX)
Abu Dhabi, UAE
CPX is hiring a Lead Consultant to serve as a trusted cybersecurity advisor and client success lead for managed security services clients. The role involves driving customer success, service governance, technical advisor
Lead Engineer - OT Cybersecurity
Abu Dhabi, UAE
CPX is seeking a Lead Engineer - OT Cybersecurity to implement OT cybersecurity solutions in utility environments and substations. The role involves hands-on deployment of cybersecurity technologies, infrastructure desig
SOC Platform Engineer
Abu Dhabi Emirate, UAE
Associate Consultant – Cyber Consulting Services
Abu Dhabi Emirate, UAE
Senior Specialist Threat Intelligence Analyst
Abu Dhabi, UAE
Lead - Threat Intelligence
Abu Dhabi, UAE
Junior Legal Counsel
Abu Dhabi, UAE
Specialist - HSE
Abu Dhabi, UAE
Lead Consultant - Client Success (CPX)
Abu Dhabi, UAE
Lead Engineer - OT Cybersecurity
Abu Dhabi, UAE