[Remote] Associate OT Security Analyst
Note: This is a remote position open to candidates in the USA. Dragos, Inc. is dedicated to defending industrial organizations through ICS/OT cybersecurity. The Associate OT Security Analyst will monitor and triage detection alerts in customer OT environments, investigate suspicious activity, and collaborate with senior analysts to improve security operations.
Responsibilities
- Monitor and triage detection alerts and network telemetry generated by the Dragos Platform in customer environments
- Investigate suspicious activity and assist with identification of misconfigurations, anomalies, and potential malicious behaviors in OT networks
- Perform initial analysis, apply context, and escalate relevant findings to senior analysts and threat hunters with appropriate details and documentation
- Collaborate with senior analysts, threat hunters, incident responders, and platform engineers to improve alert fidelity and detection performance
- Assist with routine tuning of detection logic to minimize false positives and improve response workflows
- Contribute to incident summaries and operational reports to clearly communicate security observations to internal stakeholders and customers
- Participate in continuous learning around ICS/OT protocols, adversary tactics, and threat intelligence specific to industrial environments
- Support other functions of the OT Watch Complete service, including asset classification, detection tuning, and vulnerability management within customers' Dragos Platform deployments
- With assistance from more experienced analysts, help deliver hardening and response recommendations, and respond to information requests from customers
Skills
- Basic understanding of networking concepts (e.g., TCP/IP, firewalls, DNS, packet analysis)
- Strong written and verbal communication skills, with good attention to detail
- Enthusiasm for learning about ICS/OT cybersecurity and defending critical infrastructure
- Ability to work independently in a remote environment and coordinate across distributed teams
- Flexibility to participate in shift-based coverage. Note: The schedule is a 4-day-a-week, 10-hour shift model that includes one weekend day. The two available shift schedules run Sunday-Wednesday and Wednesday-Saturday; applicants may have the option to choose either one
- Exposure to cybersecurity monitoring tools or platforms (e.g., IDS/IPS, SIEM, network traffic analyzers)
- Familiarity with OT protocols (e.g., Modbus, DNP3, Ethernet/IP) and ICS environments
- Knowledge of adversary tactics and frameworks relevant to OT (e.g., MITRE ATT&CK for ICS)
- Hands-on lab or internship experience in cybersecurity operations, threat hunting, or digital forensics
- Exposure to packet capture (PCAP) analysis or basic scripting (e.g., Python, Bash)
Benefits
- Competitive Equity Package
- Comprehensive Benefits Plan