Jacobs

OT SOC Manager

Jacobs, Houston, Texas, United States, 77246

The role is open, and only the first 25 applicants will be considered.

Base Pay Range

$150,000.00/yr - $190,000.00/yr

At Jacobs, we are leading the charge in protecting critical infrastructure through innovative cybersecurity solutions. As we expand our Operational Technology (OT) security capabilities, we need a dynamic OT SOC Manager to establish and grow our Security Operations Center focused on OT environments, including industrial control systems (ICS), SCADA, and other critical infrastructure. This remote position, available to U.S. candidates only, will report to the Manager of Managed Services and collaborate closely with OT, Engineering, and business unit leaders.

Key Responsibilities

Design, implement, and optimize OT SOC infrastructure, selecting core tools such as SIEM (Elastic, Splunk, Microsoft Sentinel), SOAR platforms, EDR/XDR solutions, and OT‑tailored threat intelligence feeds.
Develop and maintain OT‑specific incident response playbooks, runbooks, and automation workflows to enable efficient triage, escalation, and resolution of security events in industrial control systems.
Recruit, train, mentor, and manage SOC analysts (Tier 1‑3), fostering a high‑performing team capable of 24/7 monitoring and threat hunting in OT networks.
Conduct risk assessments, vulnerability management, and threat modeling for OT assets, integrating findings into SOC processes to mitigate risks from industrial protocols such as Modbus, DNP3, OPC, Profinet, EtherNet/IP, and BACnet.
Collaborate with cross‑functional teams, including OT engineers, network administrators, and business units, to onboard assets, ingest OT data, and align SOC operations with business objectives.
Establish governance, escalation protocols, and reporting mechanisms, providing executive‑level updates on SOC metrics such as MTTD/MTTR, incident trends, and compliance status.
Drive continuous improvement initiatives, including post‑incident reviews, tool integrations, and simulation drills to enhance OT SOC resilience against evolving threats.
Ensure adherence to regulatory requirements (e.g., NERC CIP, TSA guidelines) and industry best practices while managing budget and resources for SOC scalability.
Work with the sales team to develop client value propositions that leverage the full capabilities of the OT SOC across the client delivery lifecycle.

Qualifications

Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, Engineering, or related field (or equivalent experience).
8+ years of cybersecurity operations experience, including at least 5 years in SOC management or leadership roles, with direct experience building and scaling a SOC from inception.
Proven expertise in OT/ICS cybersecurity, including in-depth knowledge of industrial protocols and IT/OT network segmentation strategies.
Expertise in MITRE ATT&CK® and ATT&CK for ICS Frameworks for threat modeling and adversary emulation.
Senior‑level knowledge of networking (TCP/IP, firewalls, switches, VLANs, routing protocols, IDS/IPS) and system administration (Windows/Linux, Active Directory, virtualization, patch management) applied to secure OT infrastructures.
Hands‑on experience with SOC technologies such as SIEM/SOAR deployment, endpoint detection, log analysis, and network traffic analysis in hybrid/cloud environments.
Strong leadership skills with a track record of managing remote, distributed teams and driving incident response in high‑stakes OT settings.
Excellent communication and stakeholder management abilities, including experience presenting to C‑level executives.
Ability to obtain and maintain necessary security clearances or certifications for critical infrastructure roles.

Preferred Skills and Assets

Advanced certifications such as CISSP, CISM, GICSP, or GIAC Critical Infrastructure Protection.
Experience in energy, manufacturing, or utilities sectors with knowledge of NERC CIP, NIST CSF, or IEC 62443 frameworks.
Proficiency in scripting/automation (Python, PowerShell) for SOC enhancements and familiarity with AI/ML‑driven threat detection.
Prior consulting or advisory experience in OT SOC transformations.
Experience with OT‑specific security tools (e.g., Nozomi, Claroty, Dragos).
Familiarity with secure remote access solutions for OT environments (BeyondTrust, Cyolo, Dispel).
Experience conducting tabletop exercises and red/blue team simulations in OT contexts.

Travel

Minimal; up to 10% for optional team events or client site visits.

What We Offer

Opportunity to shape a greenfield OT SOC and contribute to mission‑critical cybersecurity initiatives.
Competitive salary and benefits package, including medical, dental, vision, life insurance, 401(k) with matching, paid time off, and stock options.
Flexible remote work with occasional virtual meetings across U.S. time zones.

To apply, please submit a resume and a cover letter highlighting your experience building SOC infrastructure in OT environments.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status (EEO Statement).

Job posted on November 17, 2025. This position will be open for at least 3 days.

We value collaboration and empower employees with a hybrid working policy that allows flexibility between Jacobs offices/projects and remote locations.
