Senior SOC Analyst

As a Senior SOC Analyst, you will serve as a critical line of defense in our cybersecurity operations, responsible for triaging, escalating, and investigating security alerts across IT and OT environments.

You will work closely with Tier 1 analysts, incident responders, and plant operators to ensure rapid detection and response to cyber threats, particularly within OT systems.

About the CCSH NAM Hub

The Cybersecurity Connected Services Hub (CCSH) - North America (NAM) is Schneider Electric's strategic cybersecurity hub for delivering advanced Managed Security Services (MSS) to external clients.

As the flagship of our 24/7 global Managed Security Operations Center (SOC), the NAM Hub focuses on securing OT environments across critical infrastructure and industrial systems.

As part of our global Cybersecurity Solutions Services business, we drive innovation in threat detection and response, vulnerability and asset management, and security automation by leveraging best-in-class tools, people, and proven processes, along with deep domain expertise, to deliver impactful security outcomes at scale.

Key Responsibilities


* Monitor and Analyze Security Telemetry
Continuously monitor telemetry from OT-specific sensors, IT-Specific Sensors, SIEM platform, and Network Security tools to detect anomalous activity across OT environments.



* Triage and Enrich Security Alerts
Investigate and prioritize alerts using ML and AI-driven recommendations and contextual threat intelligence to determine severity and relevance.



* Incident Escalation and Documentation
Escalate validated incidents following established SOPs, ensuring accurate and timely documentation of findings and actions taken.



* Correlate Multi-Source Data
Correlate alerts from various sources to identify true positives and uncover complex attack patterns or persistent threats.



* Coordinate with Operational Technology (OT) Stakeholders
Collaborate with plant operators and OT personnel during incident investigations to ensure minimal disruption to critical infrastructure.



* Support Incident Response Activities
Assist in containment, eradication, and recovery efforts during security incidents, and contribute to post-incident reviews and reporting.



* Mentor and Support Tier 1 Analysts
Provide guidance and technical support to L1 analysts, helping to improve triage accuracy and SOC efficiency.



* Contribute to SOC Process Improvement
Participate in the development and refinement of SOC playbooks, procedures, and automation workflows (SOAR).



* Maintain Situational Awareness
Stay informed on emerging threats, vulnerabilities, and attack techniques relevant to OT and ICS environments.

What qualifications will make you successful for this role?

Required:


* 2-4 years of experience in a Security Operations Center (SOC) or cybersecurity operations role



* An understanding of ICS/SCADA s...