ICS / OT Team Lead (MDR) (m/w/d)

at  NVISO

Who are we?
It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents.
All of this is built on four fundamental values that define who we are: We are Proud, We Break Barriers, We Care and No BS!
Tasks
You have a strong interest in cyber security and believe the following to be applicable to you?
As the MDR for ICS / OT Team Lead (m/w/d), you will report to the Head of Managed Security Services and lead a team of ICS / OT focused Security Analysts. You will focus on the following activities:

TECHNOLOGY AND TOOL PROFICIENCY:

• Ensure the team is proficient with both typical SOC technologies (SIEM, EDR, SOAR,…), but also with specific ICS / OT monitoring tooling (e.g. Nozomi, Claroty, Defender for IoT,…);
• Work closely with the SOC Analysts and SOC Engineering teams to ensure the efficacy of deployed detections in the monitored environments;
• Analyse alert statistics to reduce false positives and maintain the alert queue of the SOC at healthy levels;
• Design automation playbooks to enrich alerts, properly triage and remediate security incidents and contribute to multiple phases of the alert’s lifecycle;
• Maintain and expand the existing tooling for automating tedious day-to-day tasks;
• Design procedures and workflows within the team with a scale up mentality.
  Requirements

We understand we are looking for a bit of a unicorn here. If you only meet a few of the requirements below, but are motivated and intrigued by the job, please do still reach out!

• You are eligible for a NATO clearance;
• Completion of a Bachelor’s degree or equivalent program in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics (or equivalent work experience);
• Knowledge and experience of OT / ICS systems (SCADA, DCS, PLC, EMS, etc.);
• Knowledge of OT cybersecurity standards and frameworks (IEC ISA 99/62443, NIST SP 800-82, NIST CSF, ISO27001, etc.);
• 5+ years of experience with at least 2 years in cyber security for ICS / OT environments. Previous experience in a SOC environment is a plus;
• Certifications: GCIA, GCIH, GNFA, GRID, or similar certification preferable but not required;
• Experience with ICS / OT monitoring technologies such as Nozomi, Claroty and Defender for IoT;
• Excellent communication and interpersonal skills.

Benefits

At NVISO, we care. We are committed to offering you a highly competitive remuneration package including financial and non-financial components:

• Working and learning from the best people in the European cyber security industry. We have multiple SANS Instructors working at NVISO, our staff has presented at popular hacking conferences (BlackHat, BruCON, OWASP, etc) and all of our technical staff can acquire deep technical security certifications (GSE, GXPN, GREM, GCFA, OSCP, etc);
• A training budget of 10,000 EUR plus 10 days paid time off rolling over two years;
• Regular team-building and fun events with legendary off-site events once a year. The location of the next team building is one of the most closely guarded secrets at NVISO… We can however disclose that we’ve visited Lisbon, Dubai and Malta over the past few years;
• Our commitment to coach and counsel you and help you grow; each employee receives a personal coach within the team, whose role is to ensure your well-being and helps you grow in your career!
• Flexible working hours and home office possibilities;
• Reimbursement of public transfer ticket + BahnCard50 1st class;
• BusinessBike Leasing;
• Working abroad options;
• 30 holidays.

Please refer the Job description for details