Rockwell Automation

Cyber Security Data Engineer

full-time

Location Type: Hybrid

Location: New Delhi, India


About the role

  • Design, implement, and test SIEM and SOAR solutions tailored for OT environments, considering the unique challenges and protocols involved.
  • Integrate various OT data sources (e.g., IDS, EDR, control system logs, network traffic from industrial protocols) into the SIEM platform.
  • Develop and maintain custom parsers, normalizers, and correlation rules to effectively analyze OT-specific logs and events within the SIEM.
  • Collaborate with OT operations and engineering teams to understand their systems, data sources, and security monitoring requirements.
  • Configure and optimize the SIEM platform for performance, scalability, and stability in an OT context.
  • Develop and maintain OT-focused dashboards and reports within the SIEM to provide actionable insights into security posture and potential threats.
  • Tune and optimize SIEM rules and alerts to minimize false positives and ensure high-fidelity detection of OT security incidents.
  • Develop and maintain documentation for the OT SIEM architecture, data sources, rules, and operational procedures.
  • Collaborate with IT security teams to ensure seamless integration and correlation of security events across both IT and OT environments.
  • Stay up-to-date on the latest OT cybersecurity threats, vulnerabilities, and SIEM capabilities relevant to industrial control systems.
  • Evaluate and recommend new SIEM features, integrations, and related security technologies for enhancing OT security monitoring.
  • Provide training and support to security analysts and other stakeholders on the use of the OT SIEM.

Requirements

  • Demonstrated experience working with SIEM platforms (e.g., Sumo Logic, Palo Alto Cortex XSOAR) and a strong understanding of their architecture, configuration, and rule development.
  • Understanding of OT protocols (e.g., Modbus, DNP3, IEC 61850), industrial control systems (e.g., PLC, SCADA, DCS), and their logging mechanisms.
  • Experienced in parsing and normalizing complex log formats, including those specific to OT devices and applications.
  • 5+ years of experience integrating OT data sources with enterprise SIEM platforms.
  • Knowledge of security frameworks and standards relevant to OT (e.g., NIST SP 800-82, IEC 62443).
  • Experienced in scripting languages (e.g., Python, PowerShell) for SIEM automation and data manipulation.
  • Relevant certifications such as GICSP, GRID, CISSP, or SIEM-specific certifications.
  • Familiarity with threat intelligence platforms and their integration with SIEM for OT threat detection.
  • Willing to work with shift timings: 12:00 PM to 09:00 PM.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
SIEM, SOAR, OT protocols, log parsing, rule development, scripting languages, data normalization, security monitoring, data integration, performance optimization
Soft Skills
collaboration, communication, training, documentation, problem-solving, analytical thinking, attention to detail, adaptability, teamwork, support
Certifications
GICSP, GRID, CISSP, SIEM-specific certifications