Skip to main content Skip to footer

OT SOC Detection and Incident Response - L2

Riyadh Job No. 12371175 Full-time - On-Site

Job Description

Title: OT SOC Detection and Incident Response - Level 2

Location: Riyadh, Saudi Arabia

About Accenture  

Accenture is a global professional services company with leading capabilities in digital, cloud and security. Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Song, Technology and Operations services — all powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. Our 738,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities. Visit us at www.accenture.com.

About Accenture Security

Join Accenture Security to pioneer security solutions that blend risk strategy, digital identity, cyber defense, application security and managed services. Using the coolest next-gen tech, you’ll have every chance to stay one step ahead of cybercrime and out-hack the hackers.    

Accenture Security provides comprehensive security services – from security strategy development to business transformation, to managed security services – on demand and at a global scale to help mitigate risks and take full advantage of advanced technologies and proven risk management models. Our experienced team of global security professionals helps businesses understand their risks and build resilience from the inside out, giving them the confidence to focus on what matters most: innovation and business growth.

Responsibilities and Accountabilities

  • Able to assess current state capabilities, identify gaps, and plan initiatives to address gaps and accomplish project goals. Building out cybersecurity monitoring & response functions in operational environments.

  • Assessing OT security capabilities—specifically security operations and SOC capabilities.

  • Develop An integrated communication Plans between OTSOC, ITSCO and business.

  • Security Event Monitoring & alerting using Splunk (Level 1) and leverage the OT Cybersecurity Viability Tool (Nozomi) for detailed, analysis, and improvement (Level 2) Cyber Security Incident management.

  • Liaise with IT /OT Cyber security teams, site teams.

  • Manage support tickets raised by L1. And Security event analysis and recommendations related to OT and Help confirm incident tickets are updated and closed with all actions performed.

  • Build and maintain operating procedures & documentation (playbooks & IR plan).

  • Re-classify security incidents based on their impact.

  • Operational reports and dashboards will be out of the box from OT platform.

  • SOP and KB documentation update and maintenance which will be stored and maintained in the customer provided SharePoint site.

  • Monitoring and triage of OT security alerts (enrichment, log analysis, false positive suppression) Incident identification & prioritization

  • Log qualified incidents into client’s ITSM and coordinate with client CSIRT and resolver groups across the full lifecycle.

  • Provide remediation recommendations based on reaction plans.

  • Incident Management and escalation to Client CSIRT and/or external Incident Response teams according to playbooks

  • Categorize, document, measure, and report security incidents.

  • Familiar with SIEM Solution and OT Security Products SIEM integration.

  • Familiar with OT Asset Inventory and Vulnerability Management solution such as “Nozomi – Dragos, etc” certified is added value.

  • Use case development and tuning for OT sec threat detections.

  • Familiar with OT SOAR solution integration and content playbooks development / improvement.

  • Familiar with OT Forensics Tools and PCAP analysis.

  • Familiar with OT Threat Intelligence, Threat Hunting reports for major and well-known OT Cyber Incident. and provide SMART recommendation to organization.

  • GRID Certificate or official training is added value and plus to candidate.

Qualifications

Skills and Qualifications:

  • Have more than 7 years of experience overall (mixed between mainstream Automation Systems exposure and OT Cybersecurity exposure).

  • Proven track in IT/OT Cybersecurity general management consulting with stakeholder engagement and relationship management skills.

  • Excellent communication (written and oral) and interpersonal skills

  • Ability to work creatively and analytically in a problem-solving environment.

  • Fluent in Arabic and English language.

  • Ability to effectively communicate insights relating to an organization’s threat environment to improve its risk management posture.

  • Ability to work with the organization's leadership to provide a comprehensive, organization wide approach to address OT Cybersecurity risk and compliance.

  • Ability to develop and maintain IR OT Cybersecurity policies, standards, and related documentations.

  • Ability to communicate technical and planning information at the same level as a stakeholder’s understanding.

  • Knowledge and understanding of risk assessment, mitigation, and treatment methods.

  • Knowledge of relevant OT Cybersecurity aspects of legislative and regulatory requirements, relating to ethics and privacy.

  • Knowledge of OT Cybersecurity threats and vulnerabilities posed by new technologies and malicious actors.

  • Knowledge of Supervisory control and data acquisition system components.

  • Knowledge of ICS operating environments and functions.

  • Knowledge of ICS network architectures and communication protocols.

  • Knowledge of ICS devices and industrial programming languages.

  • Knowledge of intrusion detection methodologies and techniques for detecting ICS intrusions.

  • Knowledge of the likely operational impact on an organization of OT Cybersecurity breaches.

  • Knowledge of OT Cybersecurity authentication, authorization, and access control methods.

  • Knowledge of vulnerabilities in applications and their likely impact.

  • Knowledge of national OT Cybersecurity laws and regulations such as NCA ECC, OTCC, etc.

  • Knowledge of common information security standards, such as: IEC-62443, NCA, NERC-CIP, C2M2, ISO 27001/27002, NIST, etc.

Preferred Qualifications:

  • Bachelor’s degree in engineering, information security or relevant.

  • 7+ years of experience overall (mixed between mainstream Automation Systems exposure and OT Cybersecurity exposure).

  • Certified in GICSP, GRID or equal certifications are added value.

  • Why join us?

  • We offer a transparent, fast paced approach career progression, with a focus on your strengths and continuous coaching from senior colleagues.

  • You will benefit from working alongside Accenture experts who are solving some of the biggest industry challenges with innovative thinking and pioneering tools.

  • Flexible work arrangements and a range of benefits including competitive rewards.

  • You will have access to state-of-the-art technology that will give you the opportunity to deepen your existing skills even as you help create the latest business trends.

  • You will also have opportunities to make a difference to the communities in which we work and live. 

Why join us?

  • We offer a transparent, fast paced approach career progression, with a focus on your strengths and continuous coaching from senior colleagues.

  • You will benefit from working alongside Accenture experts who are solving some of the biggest industry challenges with innovative thinking and pioneering tools.

  • Flexible work arrangements and a range of benefits including competitive rewards.

  • You will have access to state-of-the-art technology that will give you the opportunity to deepen your existing skills even as you help create the latest business trends.

  • You will also have opportunities to make a difference to the communities in which we work and live.

Next Steps

If this sounds like the ideal role, career, and company for you, click below to apply. 
 

To learn more about life @AccentureMiddleEast, follow us on social media and keep up with our latest news.
 

Accenture Middle EastLinkedInInstagramFacebookTwitterYouTube

Life at Accenture

Training and Development

Take time away to learn and learn all the time in our regional learning hubs, connected classrooms, online courses and learning boards.

Work Environment

Be your best every day in a work environment that helps drive innovation in everything you do.

Learn more about Accenture

Our Expertise

See how we embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities.

Meet Our People

From entry-level to leadership, across all business and industry segments, get to know our people harnessing technology to make a difference, every day.

Stay connected

Join Our Team

Search open positions that match your skills and interest. We look for passionate, curious, creative and solution-driven team players.

Keep Up to Date

Stay ahead with careers tips, insider perspectives, and industry-leading insights you can put to use today–all from the people who work here.

Job Alert Emails

Personalize your subscription to receive job alerts, latest news and insider tips tailored to your preferences. See what exciting and rewarding opportunities await.