Bengaluru, Karnataka
Job Summary
Responsible for collecting, analyzing, and operationalizing cyber threat intelligence to support threat hunting, detection engineering, risk decisions, and incident response. The role bridges external intelligence and internal telemetry to enable proactive security operations.
Key Responsibilities
1. Lead vulnerability management operations using OT/ICS/IIoT security tools to identify, assess, and prioritize vulnerabilities in complex industrial environments, ensuring alignment with industry standards and regulatory requirements.
2. Oversee end-to-end remediation processes by coordinating with internal teams and leveraging vulnerability management platforms to ensure timely resolution and minimize operational risk.
3. Develop and implement advanced operational processes using vulnerability assessment technologies to optimize workflow efficiency, reporting, and compliance within the OT/ICS security domain.
4. Provide expert guidance and mentorship to the vulnerability management team, fostering knowledge sharing and continuous upskilling in the use of OT/ICS security solutions.
5. Drive innovation by evaluating and integrating emerging security tools, methodologies, and automation into vulnerability management processes to enhance detection and response capabilities.
6. Ensure client requirements are thoroughly understood and met by translating business needs into actionable security solutions within OT/ICS/IIoT environments.
7. Deliver comprehensive management reporting and actionable insights using vulnerability analytics platforms, supporting organizational planning and informed decision-making.
Collect and analyze intelligence from:
OSINT, ISACs, commercial feeds, vendor advisories
Dark web, malware reports, campaign tracking
Perform strategic, tactical, and operational CTI analysis
Map threats to MITRE ATT&CK and industry‑specific attack patterns
Enrich SOC detections, threat hunts, and incident investigations
Convert intelligence into:
IOCs, IOAs
YARA / SIGMA rules
Hunting hypotheses
Support CTEM / DRP / EASM and Insider Threat programs
Create CTI dashboards, reports, and executive briefings
Technical Skills
Hands-on experience with Threat Intelligence Platforms (TIP) (e.g., Anomali)
Strong understanding of intelligence types:
Strategic, Tactical, Operational, Technical
Experience operationalizing intelligence into:
SIEM detections
EDR rules
Threat hunting queries
Familiarity with MITRE ATT&CK, malware analysis, campaign tracking
Knowledge of compliance frameworks (PCI DSS, HIPAA, ISO 27001)
Exposure to DRP, CTEM, OT security intelligence
Skill Requirements
1. Excellent understanding of industrial network protocols, asset discovery, and risk assessment methodologies.
2. Advanced proficiency in implementing vulnerability scanning, risk prioritization, and patch management within OT/ICS environments.
3. Excellent skills in incident response, remediation coordination, and compliance reporting specific to industrial systems.
4. Strong knowledge of regulatory frameworks and standards for OT/ICS security (e.g., IEC 62443, NERC CIP).
5. Expert ability to lead teams, mentor technical staff, and drive continuous process improvement in security operations.
Other Requirements
1. Certified Information Systems Security Professional (CISSP) - optional but valuable.
2. Global Industrial Cyber Security Professional (GICSP) - optional but valuable.
3. ISA/IEC 62443 Cybersecurity Certificate - optional but valuable.
5+ years in Cyber Threat Intelligence or SOC / Detection Engineering roles
Strong writing and briefing skills for technical and executive audiences
Ability to work closely with Threat Hunters, SOC, and IR teams
Continuous improvement and research-driven mindset