HRize LLC

Technical Consultant – Threat Detection, Response & Intelligence

HRize LLC, Dallas, Texas, United States, 75215

Overview

We are seeking highly skilled Technical Consultants specializing in Threat Detection, Response & Intelligence to support a mission‑critical cybersecurity program. This role is focused on Operational Technology (OT) security, threat detection, incident response, and advanced threat intelligence within a 24/7 Security Operations environment.

As an OT Security Shift Lead, you will be responsible for identifying, analyzing, and mitigating cyber threats targeting critical infrastructure systems. The ideal candidate brings deep cybersecurity expertise, hands‑on OT/ICS experience, and a strong analytical mindset to help protect industrial networks and operational assets.

Key Responsibilities

Monitor, detect, triage, and investigate security events across OT and IT environments using SIEM, SOAR, EDR, XDR, IDS/IPS, and other cybersecurity platforms.

Lead incident investigations, determine severity/impact, and provide clear, actionable recommendations.

Apply frameworks such as MITRE ATT&CK, Cyber Kill Chain, and industry best practices to analyze adversarial behavior and improve detection capabilities.

Interpret logs and telemetry from Windows, Linux, macOS endpoints, and network infrastructure.

Support containment, eradication, and recovery activities for security incidents.

Operational Technology (OT) Security

Work extensively with OT/ICS systems including SCADA, PLCs, RTUs, HMIs, DCS, and industrial networks.

Analyze OT‑specific network traffic and anomalies to identify threats targeting critical operational systems.

Support the protection of industrial control systems and power/utility operations from cyber threats.

Security Operations Leadership

Serve as a Shift Lead for a 24/7 SOC, providing operational oversight during assigned shifts.

Mentor junior analysts, review investigations, guide response actions, and ensure high‑quality incident documentation.

Collaborate with cross‑functional security teams to improve SOC processes, playbooks, and response procedures.

Threat Intelligence & Vulnerability Management

Perform threat intelligence gathering, correlation, and reporting to identify active and emerging threats.

Support vulnerability assessments across OT and IT environments; help prioritize and recommend remediation steps.

Contribute to continuous improvement of detection rules, threat models, and defensive strategies.

Reporting & Communication

Prepare and deliver incident reports, threat summaries, and technical documentation.

Communicate complex technical information clearly to both technical and non‑technical stakeholders.

Ensure accurate shift handovers and maintain high‑quality operational records.

Required Qualifications

Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field (Master’s preferred).

5–7+ years in a cybersecurity‑focused role; SOC experience strongly preferred.

3+ years of hands‑on OT/ICS experience, including work with SCADA systems, PLCs, RTUs, and HMIs.

Strong cybersecurity fundamentals, including networking (TCP/IP, UDP, DNS), security architecture, and threat detection principles.

Advanced certifications strongly preferred: CySA+, CEH, OSCP, GICSP, CCNA Security, ISA/IEC 62443, or equivalent OT‑security credentials.

Nice‑to‑Have Skills

Experience with OT protocols such as DNP3, Modbus, IEC 104, OPC UA, etc.

Proficiency with cybersecurity tools: SIEM, SOAR, IDS/IPS, EDR, NTA, PCAP analysis tools.

Strong analytical and problem‑solving abilities with excellent attention to detail.

Experience creating professional reports and presenting findings.

Demonstrated ability to lead, mentor, and support junior SOC analysts.

Willingness to work in a 24/7 shift‑based SOC, including occasional after‑hours/on‑call support.
