OT Network Security Analyst

Dragos

  • United Kingdom
  • £35,000 per year
  • Training
  • Full-time
  • 1 month ago
Dragos is on a relentless mission to defend industrial organizations that provide us with the necessities of modern civilization; running water, functioning electricity, and safe industrial working environments. As the market leader in ICS/OT Cybersecurity, we are dedicated to arming our customers with best-in-class technology, threat intelligence, and services to protect their systems as effectively and efficiently as possible. We're a remote-first culture with operations in North America, Europe, the Middle East, and APAC. We're looking for mission-oriented teammates who embody our core values of authenticity, transparency, and trust. Are you ready to make a difference? Come join a mission that can save the world!About the Role:As a security analyst on the OT Watch Complete team, you will be part of a frontline monitoring and triage unit responsible for identifying potential adversary activity in customer operational technology (OT) environments. You will work closely with experienced industrial defenders to investigate anomalous network behaviors, validate detection triggers, and support threat hunters and incident responders with high-risk escalations. With supervision, you will also operate and maintain the Dragos platform on behalf of customers, helping manage vulnerabilities, tune detections, properly classify OT assets, and provide input on response recommendations.This is a great opportunity for individuals passionate about cybersecurity - especially industrial security - who want to build hands-on experience in active security operations for OT networks and establish a solid foundation for their future career in the industry.Responsibilities:
  • Monitor and triage detection alerts and network telemetry generated by the Dragos Platform in customer environments.
  • Investigate suspicious activity and assist with identification of misconfigurations, anomalies, and potential malicious behaviors in OT networks.
  • Perform initial analysis, apply context, and escalate relevant findings to senior analysts and threat hunters with appropriate details and documentation.
  • Collaborate with senior analysts, threat hunters, incident responders, and platform engineers to improve alert fidelity and detection performance.
  • Assist with routine tuning of detection logic to minimize false positives and improve response workflows.
  • Contribute to incident summaries and operational reports to clearly communicate security observations to internal stakeholders and customers.
  • Participate in continuous learning around ICS/OT protocols, adversary tactics, and threat intelligence specific to industrial environments.
  • Support other functions of the OT Watch Complete service, to include asset classification, detection tuning, and vulnerability management within customers' Dragos platforms.
  • With assistance from more experienced analysts, help deliver hardening and response recommendations, and respond to information requests from customers.
Requirements:
  • Basic understanding of networking concepts (e.g., TCP/IP, firewalls, DNS, packet analysis).
  • Strong written and verbal communication skills, with good attention to detail.
  • Enthusiasm for learning about ICS/OT cybersecurity and defending critical infrastructure.
  • Ability to work independently in a remote environment and coordinate across distributed teams.
  • Flexibility to participate in shift-based coverage and occasional weekend/on-call work as needed. Note: Initial scheduling for employees will start as a Monday-Friday 8am-5pm (MT for US, CEST for Europe, AEST for ANZ shifts) with on-call weekends. Schedule will later change to working a 4 day a week 10-hour shift model, which includes a day on the weekend. Shift schedules under the 4-day schedule will run Sunday-Wednesday and Wednesday-Saturday. Applicants will have the option to pick from either of the two shift schedules (Sunday-Wednesday or Wednesday-Saturday).
Preferred Qualifications:
  • Exposure to cybersecurity monitoring tools or platforms (e.g., IDS/IPS, SIEM, network traffic analyzers).
  • Familiarity with OT protocols (e.g., Modbus, DNP3, Ethernet/IP) and ICS environments.
  • Knowledge of adversary tactics and frameworks relevant to OT (e.g., MITRE ATT&CK for ICS).
  • Hands-on lab or internship experience in cybersecurity operations, threat hunting, or digital forensics.
  • Exposure to packet capture (PCAP) analysis or basic scripting (e.g., Python, Bash).
Compensation:
  • Salary: £35,000
  • Competitive Equity Package
  • Comprehensive Benefits Plan
#LI-JF1 #LI-REMOTEDragos is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, state, or local laws. All new hires must pass a background check as a condition of employment.

Dragos