Operational Technology (OT) Cyber Threat Analyst

Risk Mitigation Consulting

$100K — $140K *
Energy & Utilities
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in a relevant field
  • 4-10 years of experience in cybersecurity, specifically OT/ICS environments
  • Strong understanding of cybersecurity frameworks such as NERC CIP, NIST, and IEC
  • Relevant certifications such as Security+, CISSP, or GICSP preferred
  • U.S. Citizenship and valid driver's license required

Responsibilities

  • Monitor and analyze cyber threat intelligence from various sources
  • Perform continuous monitoring of OT/ICS network environments for anomalies
  • Triage and escalate security incidents per client incident response plans
  • Conduct vulnerability assessments prioritizing risk and operational impact
  • Serve as technical contact for clients, providing security posture updates
  • Support clients in understanding cybersecurity regulations and compliance
  • Collaborate with government and sector partners for threat intelligence sharing

Benefits

  • Comprehensive health, vision, and dental insurance fully covered for employees
  • Subsidized dependent health care coverage
  • Participation in an Annual Bonus Program
  • Company paid short and long-term disability
  • Cell phone reimbursement of $65 per month
  • 401(k) Plan with contributions and Safe Harbor Employer Contribution Program
Full Job Description
Job Type

Full-time

Description

RMC is seeking an Operational Technology (OT) Cyber Threat Analyst for a full-time in-office position in San Antonio, TX!

When you join RMC, you'll experience a range of benefits, including:
  • Comprehensive health, vision, and dental insurance plans fully covered for employees
    • Subsidized dependent health care coverage
  • Participation in our Annual Bonus Program
  • Life insurance policy equivalent to 1x your annual salary.
  • Company paid short and long-term disability
  • Cell phone reimbursement of $65 per month
  • 401(k) Plan with contributions
  • A 401(k) Safe Harbor Employer Contribution Program, which includes a 3% contribution

Position Summary:

The OT Cybersecurity Analyst supports the protection and resilience of critical infrastructure environments through threat intelligence analysis, security monitoring, incident response, and vulnerability assessment activities focused on Operational Technology (OT) and Industrial Control Systems (ICS). This role is responsible for identifying and analyzing cyber threats targeting industrial environments, supporting incident response efforts, and helping clients strengthen the security posture of mission-critical systems across sectors such as energy, water, transportation, and manufacturing. The position works closely with clients, government partners, and internal technical teams to provide actionable intelligence, risk-based recommendations, and regulatory compliance support. Successful candidates will bring a strong understanding of OT/ICS environments, evolving cyber threats, and the operational considerations required to secure critical infrastructure systems.

Essential Functions:

Threat Intelligence & Analysis
  • Monitor, collect, and analyze cyber threat intelligence from open-source, commercial, and government feeds (ISACs, CISA, sector-specific advisories) with specific focus on threats targeting critical infrastructure sectors (energy, water, transportation, manufacturing)
  • Assess threat actor TTPs (Tactics, Techniques, and Procedures) relevant to ICS/SCADA environments using frameworks such as MITRE ATT&CK for ICS and the Purdue Model
  • Produce timely, actionable threat intelligence reports tailored to both technical and executive audiences

OT/ICS Security Monitoring
  • Perform continuous monitoring of OT/ICS network environments, including SCADA systems, PLCs, RTUs, HMIs, and historian servers, for anomalous or malicious activity
  • Analyze network traffic, asset telemetry, and security events across IT/OT boundaries using OT-aware tools (e.g., Claroty, Dragos, Nozomi Networks, Tenable OT)
  • Identify and document Indicators of Compromise (IoCs) and Indicators of Attack (IoAs) specific to industrial control system environments

Incident Detection, Response & Support
  • Triage, investigate, and escalate security incidents in accordance with client incident response plans and sector-specific regulatory requirements
  • Support containment, eradication, and recovery activities for cyber incidents affecting OT/ICS environments, with acute awareness of operational safety and uptime constraints
  • Maintain detailed incident timelines, chain-of-custody documentation, and post-incident lessons-learned reports

Vulnerability & Risk Assessment
  • Conduct vulnerability assessments of OT assets, applying risk-based prioritization that accounts for operational impact, compensating controls, and the consequences of patching in live industrial environments
  • Map identified vulnerabilities to threat actor capabilities and likelihood of exploitation to support client risk decisions
  • Track remediation efforts and validate closure of identified findings
  • Client Engagement & Reporting
  • Serve as a day-to-day technical point of contact for assigned clients, delivering regular briefings on threat landscape changes, incident status, and security posture
  • Develop and maintain client-specific threat profiles, asset inventories, and sector risk assessments
  • Communicate findings clearly and professionally across technical, operational, and executive stakeholder levels

Regulatory & Standards Compliance Support
  • Support clients in understanding and meeting cybersecurity obligations under relevant frameworks and regulations, including NERC CIP, NIST SP 800-82, IEC 62443, TSA Security Directives, and AWIA 2018, as applicable by sector
  • Assist in the development and review of OT security policies, procedures, and security plans

Collaboration & Intelligence Sharing
  • Coordinate with government partners, sector ISACs (E-ISAC, WaterISAC, MS-ISAC), and peer organizations to share and receive actionable threat information
  • Collaborate with internal red team, engineering, and advisory practice staff to integrate findings into broader client security programs
  • Participate in tabletop exercises, drills, and wargames simulating OT-targeted attack scenarios

Continuous Improvement
  • Stay current on emerging OT/ICS threats, vulnerabilities, and adversary campaigns through ongoing research, training, and industry engagement
  • Contribute to the firm's internal knowledge base, playbooks, and methodology development
  • Pursue and maintain relevant certifications (GICSP, GRID, CISA, GCIH, or equivalent)


Competencies:
  • Excellent writing skills, strong communication abilities, good time management and organizational skills
  • Experience using Microsoft Office tools and applications such as Word, PowerPoint, Excel and SharePoint
  • Work confidently in a fast-paced environment with the ability to support multiple projects
  • Ability to perform analysis of complex technical issues
  • Ability to work independently on multiple tasks with minimal direction to meet deadlines
  • Ability to work in a team environment and take initiative to help ensure team tasks are successfully completed within required timelines


Requirements

Education & Experience Requirements:
  • Bachelor's degree and 4-10 years of experience in the industry


Desired Certificates & Licenses:
  • Security+
  • CISSP
  • GICSP


Other Requirements:
  • Security Clearance (Optional): Obtaining a DoD Secret Clearance. Applicants selected will be subject to a government security investigation and must meet eligibility requirements for clearance level required for the job.
  • Valid Passport: Possession of a current passport with a minimum of 8 months remaining until the expiration date.
  • Travel Flexibility: Willingness and capability to travel, CONUS approximately 20% of the time. Telecommunication is authorized for this role.
  • Work Environment Compliance: Commitment to maintaining a drug-free work environment, U.S. Citizenship, and possession of a valid state driver's license.


Want to take the next step in your career with RMC? This OT Cyber Threat Analyst role is where your skills and talents will thrive, and you'll be part of something truly meaningful.

Join us today!

https://rmcglobal.com/

Salary Description

$100,000 - $140,000

Similar Jobs

More Jobs at Risk Mitigation Consulting

More Energy & Utilities Jobs

Find similar Operational Technology (OT) Cyber Threat Analyst jobs: