What are the responsibilities and job description for the OT Threat Hunter Analyst position at Trustwave?
Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. We uncover threats that others can’t and respond more quickly than others can to protect against the devastating impacts of cyberattacks. We’re a world-class team of cyber consultants, threat hunters and researchers serving clients in 96 countries. At Trustwave, you can learn alongside the best, make a personal impact on a global scale, and solve new challenges every day. Learn more about us at https://www.trustwave.com.
We’re seeking a skilled and experienced OT Threat Hunter Analyst to work in our client’s Washington D.C. location.
Candidate must be a US citizen.
Location - Washington, D.C.
Role Overview
We are seeking an OT Threat Hunter to join our dynamic team. In this role, you will be responsible for proactively identifying, analyzing, and mitigating cyber threats across OT/ICS/SCADA systems. The ideal candidate is someone with hands-on experience in threat hunting, a strong understanding of OT/ICS environments, and the ability to leverage various cybersecurity tools to detect and respond to potential risks. This role requires a proactive mindset, technical expertise, and the ability to communicate findings to both technical and non-technical stakeholders.
Key Responsibilities
- Proactively hunt for advanced threats targeting OT environments by analyzing network traffic, system logs, and endpoint activity.
- Perform deep-dive analysis of potential security incidents to determine impact, risk, and response actions.
- Utilize threat intelligence and attack frameworks (e.g., MITRE ATT&CK for ICS) to identify attack patterns and techniques relevant to OT systems.
- Develop custom detection rules and signatures for OT/ICS/SCADA systems to enhance threat visibility.
- Create and refine threat hunting playbooks, methodologies, and standard operating procedures for the OT environment.
- Collaborate with the incident response team to respond to and contain security incidents.
- Generate detailed reports on threat hunting findings, including technical and executive-level summaries.
- Maintain an up-to-date knowledge of the latest cybersecurity trends, threat actor TTPs (Tactics, Techniques, and Procedures), and OT-specific vulnerabilities.
- Provide mentorship and guidance to junior analysts on OT threat hunting best practices.
Required Knowledge and Skills
- Proven experience in threat hunting and incident response within OT/ICS/SCADA environments.
- Strong understanding of OT protocols (e.g., Modbus, DNP3, OPC) and how to detect anomalies in OT systems.
- Proficiency in using cybersecurity tools and platforms such as SIEMs, IDS/IPS, EDR, and packet capture analysis tools.
- Knowledge of cybersecurity frameworks such as NIST (e.g., the Cybersecurity Framework and SP 800-82 for OT), ISA/IEC 62443, and MITRE ATT&CK for ICS.
- Ability to analyze network traffic and identify indicators of compromise (IOCs) and attacker behavior patterns.
- Familiarity with scripting languages (Python, PowerShell, etc.) for automating threat hunting processes.
- Strong analytical and problem-solving skills, with attention to detail and the ability to think critically.
- Excellent communication skills, with the ability to articulate complex technical findings to a diverse audience.
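The responsibilities above call for custom OT detection rules and for spotting anomalies in protocols such as Modbus. The following is an added illustration of what that looks like in practice; it is not code from Trustwave or from this role. It parses Modbus/TCP frames (MBAP header plus PDU), learns a baseline of which hosts talk to which unit IDs with which function codes, and then raises alerts for writes from hosts outside a (hypothetical) allowlist of engineering workstations, for reconnaissance-style function codes, for conversations never seen during the baseline period, and for malformed frames. The host roles, IP addresses and frames are constructed sample data, not a real capture.

```python
"""Added example: a minimal Modbus/TCP anomaly detector for OT threat hunting.

Not Trustwave's code. Host roles, IPs, the write allowlist and the traffic are
constructed for illustration; the rules are deliberately simple.
"""
from __future__ import annotations

import struct
from dataclasses import dataclass

# Public function codes from the Modbus Application Protocol Specification.
READ_COILS, READ_HOLDING_REGISTERS = 0x01, 0x03
WRITE_SINGLE_COIL, WRITE_SINGLE_REGISTER = 0x05, 0x06
WRITE_MULTIPLE_COILS, WRITE_MULTIPLE_REGISTERS = 0x0F, 0x10
DIAGNOSTICS, READ_DEVICE_IDENTIFICATION = 0x08, 0x2B

WRITE_CODES = {WRITE_SINGLE_COIL, WRITE_SINGLE_REGISTER,
               WRITE_MULTIPLE_COILS, WRITE_MULTIPLE_REGISTERS}
RECON_CODES = {DIAGNOSTICS, READ_DEVICE_IDENTIFICATION}


@dataclass
class ModbusRequest:
    transaction_id: int
    unit_id: int
    function_code: int
    data: bytes


def build_request(tid: int, unit_id: int, fc: int, data: bytes) -> bytes:
    """Build a Modbus/TCP frame: MBAP (tid, protocol=0, length, unit id) + PDU."""
    pdu = bytes([fc]) + data
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit_id) + pdu


def parse_request(frame: bytes) -> ModbusRequest:
    """Parse a Modbus/TCP request; raise ValueError on a malformed frame."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit_id = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError(f"unexpected MBAP protocol id {proto}")
    if length != len(frame) - 6:  # length field covers unit id + PDU
        raise ValueError("MBAP length does not match frame size")
    return ModbusRequest(tid, unit_id, frame[7], frame[8:])


class ModbusHunter:
    """Allowlisted writers plus a learned (src, dst, unit, fc) baseline."""

    def __init__(self, write_allowlist: set[str]):
        self.write_allowlist = write_allowlist
        self.baseline: set[tuple] = set()
        self.learning = True

    def freeze_baseline(self) -> None:
        self.learning = False

    def inspect(self, src: str, dst: str, frame: bytes) -> list[str]:
        try:
            req = parse_request(frame)
        except ValueError as exc:
            return [f"MALFORMED {src}->{dst}: {exc}"]
        key = (src, dst, req.unit_id, req.function_code)
        if self.learning:
            self.baseline.add(key)
            return []
        tag = f"{src}->{dst} unit={req.unit_id} fc=0x{req.function_code:02x}"
        alerts = []
        if req.function_code in WRITE_CODES and src not in self.write_allowlist:
            alerts.append(f"UNAUTHORIZED_WRITE {tag}")
        if req.function_code in RECON_CODES:
            alerts.append(f"RECON {tag}")
        if key not in self.baseline:
            alerts.append(f"NEW_CONVERSATION {tag}")
        return alerts


def run_demo() -> list[str]:
    """Replay constructed traffic (hypothetical hosts) and return the alerts."""
    hmi, ews, plc, rogue = "10.0.1.10", "10.0.1.20", "10.0.2.5", "10.0.1.99"
    hunter = ModbusHunter(write_allowlist={ews})
    # Learning phase: the HMI polls holding registers; the EWS writes a setpoint.
    for tid in range(3):
        hunter.inspect(hmi, plc, build_request(tid, 1, READ_HOLDING_REGISTERS, b"\x00\x00\x00\x0a"))
    hunter.inspect(ews, plc, build_request(10, 1, WRITE_SINGLE_REGISTER, b"\x00\x05\x01\x2c"))
    hunter.freeze_baseline()
    alerts = []
    # Known-good poll: no alert expected.
    alerts += hunter.inspect(hmi, plc, build_request(20, 1, READ_HOLDING_REGISTERS, b"\x00\x00\x00\x0a"))
    # Unknown host enumerates the device, then forces a coil ON (0xFF00).
    alerts += hunter.inspect(rogue, plc, build_request(21, 1, READ_DEVICE_IDENTIFICATION, b"\x0e\x01\x00"))
    alerts += hunter.inspect(rogue, plc, build_request(22, 1, WRITE_SINGLE_COIL, b"\x00\x01\xff\x00"))
    # Truncated frame (MBAP header only, no function code).
    alerts += hunter.inspect(hmi, plc, b"\x00\x17\x00\x00\x00\x06")
    return alerts


if __name__ == "__main__":
    for line in run_demo():
        print(line)
```

In a real hunt the baseline would be learned from a passive capture (e.g. a span port feeding a sensor) over a long enough window to cover maintenance activity, and the allowlist would come from the asset inventory rather than being hard-coded; the structure of the rules, protocol-aware parsing plus role-based expectations plus deviation from a learned baseline, is the part that carries over.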
Qualifications
- Bachelor’s degree in cybersecurity, computer science, information systems, or a related field is preferred.
- 3 years of experience in cybersecurity, with a focus on OT threat hunting or incident response.
- Relevant industry certifications such as GICSP, GRID, GCIA, or equivalent are preferred.
- Experience in threat intelligence analysis and the ability to leverage it to enhance threat hunting efforts.
Education:
- A bachelor's degree in a security discipline or a related field is preferred. However, a minimum of a high school diploma or equivalent is required for employment.
This opportunity is open to anyone legally authorized to work in the USA.
Trustwave is an Equal Opportunity Employer. We're committed to treating everyone with respect, one of our core TRUST Values, and strive to create a culture that empowers all Trustees to be their best, most authentic selves. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.
To All Agencies:
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and must have been assigned the specific requisition to which they submit resumes by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave, and in the event a candidate submitted outside of this policy is hired, no fee or payment of any kind will be paid.