OT SOC Analyst - OT Industrial Cyber Security

Muntinlupa | Full-time

Lead. Influence. Deliver excellence in OT cyber security.

SIS Industrial Cyber Security is a specialist OT / industrial cyber security consulting firm trusted by critical infrastructure and industrial organisations globally. Our success has been built on deep technical expertise, world-class consulting, and consistently defensible outcomes in complex, high-consequence environments.

As SIS continues to grow its presence and client impact across Asia Pacific and the Middle East, this role plays a critical part in ensuring continuous monitoring, detection, and response across industrial and enterprise environments.

The Role

As an SOC Analyst (L1/L2), you will operate within a 24x7 MSSP environment, supporting multiple client environments across IT and OT domains.

This is a hands-on operational role, focused on real-time detection, investigation, and response. You will work closely with senior analysts, threat hunters, and incident response teams to maintain security visibility and rapidly respond to threats impacting critical infrastructure.

This role is suited for practitioners who:

  • Thrive in high-tempo, real-time security operations
  • Have strong analytical and investigation skills
  • Are interested in industrial (OT/ICS) cybersecurity environments

Work is largely remote, with periodic regional and international travel required.

Key Responsibilities
  • Monitor and triage alerts across SIEM, EDR, NDR, and OT monitoring platforms
  • Perform initial investigation, correlation, and analysis of security events
  • Investigate incidents based on severity, impact, and defined playbooks
  • Conduct deep-dive analysis of confirmed incidents to identify attack patterns
  • Drive incident response actions for confirmed incidents and limit the impact of the attack
  • Fine-tune use cases based on the correlation logic and threat actor TTPs
  • Support containment and remediation actions during active incidents
  • Monitor OT/ICS environments (e.g., SCADA, industrial networks, energy systems) where applicable
  • Conduct IOC-based investigations and basic threat analysis
  • Maintain incident documentation, reports, and SOC knowledge base
  • Conduct threat hunting across the telemetry to proactively identify threats
  • Participate in shift handovers, ensuring continuity of operations

What We're Looking For
  • Relevant Bachelor's degree qualification in IT or Engineering
  • You bring 2-3 years of hands-on SOC experience with a strong operational mindset
  • You are comfortable working in a 24x7 shift-based environment
  • You have good communication and stakeholder management skills
  • You demonstrate structured investigation and analytical thinking
  • You are able to operate across multi-tenant MSSP environments
  • You are good at scripting and can automate repetitive tasks
  • You have exposure to the MITRE ICS framework and common TTPs of threat actors
  • Exposure to OT/ICS cybersecurity is a strong advantage
  • You must have Philippines work authorisation rights at the start of employment

Why SIS
  • A proven specialist – 100% dedicated to OT / industrial cyber security, with a track record of trusted delivery in critical infrastructure environments
  • Credibility that matters – work is valued because it stands up to engineering, operational, and executive scrutiny
  • Meaningful influence – our team actively shape standards, outcomes, and how the firm continues to improve
  • Regional scale with focus – delivers across Asia Pacific and the Middle East without losing specialist depth
  • Sustainable excellence – success built on quality, accountability, and continuous improvement, not volume or hype