Senior SOC Threat Hunt Analyst

The SOC Threat Hunt Analyst plays a proactive role in identifying advanced threats and anomalies within Operational Technology (OT) environments.

This role focuses on hypothesis-driven investigations, behavioral analytics, and the development of threat detection strategies and threat models to enhance the security posture of critical infrastructure clients.

The analyst will work closely with detection engineers, incident responders, and SOC teams to uncover stealthy adversaries and improve detection capabilities.

About the CCSH NAM Hub

The Cybersecurity Connected Services Hub (CCSH) - North America (NAM) is Schneider Electric's strategic cybersecurity hub for delivering advanced Managed Security Services (MSS) to external clients.

As the flagship of our 24/7 global Managed Security Operations Center (SOC), the NAM Hub focuses on securing OT environments across critical infrastructure and industrial systems.

As part of our global Cybersecurity Solutions Services business, we drive innovation in threat detection and response, vulnerability and asset management, and security automation by leveraging best-in-class tools, people, and proven processes, along with deep domain expertise, to deliver impactful security outcomes at scale.

Key Responsibilities


* Develop and Execute Threat Hunt Campaigns
Design and conduct structured, hypothesis-driven threat hunts across OT networks, focusing on OT environments.



* Maintain Threat Detection Library
Own and curate the threat detection knowledge base, including behavioral patterns, adversary TTPs, and detection logic.



* Collaborate with Detection Engineering
Recommend new detection logic, rule tuning, and telemetry enhancements based on hunt findings and threat intelligence.



* Document Hunt Hypotheses and Findings
Maintain detailed logs of hunt activities, hypotheses, methodologies, and outcomes to support continuous improvement and knowledge sharing.



* Identify Gaps in Visibility and Coverage
Analyze telemetry sources and alert fidelity to identify blind spots and recommend improvements in data collection and monitoring.



* Develop and Maintain Threat Models
Build and update threat models tailored to MSS clients, aligning with MITRE ATT&CK for ICS and other relevant frameworks.

What qualifications will make you successful for this role?

Required:


* 3-5 years of experience in cybersecurity operations, with at least 1-2 years in threat hunting or advanced SOC roles



* An understanding of OT/ICS protocols is desirable



* Experience with cyber behavioral analytics and cyber threat modeling



* Familiarity with MITRE ATT&CK and adversary emulation techniques



* Strong analytical and investigative mindset with a hypothesis-driven approach



* Ability to work independently and collaborate across SOC, engineering, and client facing teams.


* Able to work full-time based in Boston, MA

Preferred:


* H...