InfoSec L2 SOC SME OT

POSITION SUMMARY
Zoetis, Inc. is the world's largest producer of medicine and vaccinations for pets and livestock. The Zoetis Tech & Digital (ZTD) Global Technology Risk Management Organization is a key building block of ZTD.

Join us at Zoetis India Capability Center (ZICC) in Hyderabad, where innovation meets excellence. As part of the world's leading animal healthcare company, ZICC is at the forefront of driving transformative advancements and applying technology to solve the most complex problems. Our mission is to ensure sustainable growth and maintain a competitive edge for Zoetis globally by leveraging the exceptional talent in India.

At ZICC, you'll be part of a dynamic team that partners with colleagues worldwide, embodying the true spirit of One Zoetis. Together, we ensure seamless integration and collaboration, fostering an environment where your contributions can make a real impact. Be a part of our journey to pioneer innovation and drive the future of animal healthcare.

The Information Security Strategy & Risk Management team at Zoetis ensures a secure strategy through a disciplined process of making colleagues security savvy, driving down residual risk, reducing the attack surface, all while enabling the business. This team is responsible for critical services that strengthen Zoetis' security posture, including protecting sensitive data, identifying and mitigating cyber threats, and seamlessly integrating secure assets during organizational changes. Key functions within the team include Security Operations, Vulnerability Management, Threat Intelligence, Security Awareness, Mergers & Acquisitions Security, and Operational Technology (OT) Security. Through these services, the team empowers the organization to operate securely and efficiently in a dynamic digital environment.

The SOC Analyst (OT SME) will work closely with onshore security teams to support and operationalize detection and monitoring capabilities within Operational Technology (OT) environments across Zoetis. This role will focus on leveraging deep knowledge of industrial control systems (ICS), SCADA and OT network protocols to improve visibility, detect malicious or anomalous activity and support incident investigations in manufacturing and production settings. The SOC Analyst will assist in tuning and maintaining OT-specific detections, contribute to process documentation and ensure alignment within OT security practices. This position plays a key role in enabling the SOC to monitor and respond effectively to cyber threats targeting OT infrastructure.

POSITION RESPONSIBILITIES 
    Percent of Time 
•    Partner with onshore and offshore teams to implement and support security monitoring and detection capabilities specific to OT environments, including ICS and SCADA systems.
•    Monitor OT telemetry and alerts to identify potential security incidents, anomalies, and operational risks.
•    Support the deployment and configuration of OT network sensors and tools, including integration into centralized monitoring platforms.
•    Assist in the tuning and refinement of OT detection rules and alert thresholds to reduce noise and improve visibility.
•    Collaborate with Operational Technology, Security Operations, and Threat Intelligence teams to ensure detection strategies are aligned with OT-specific risks and threat models.
•    Participate in incident investigations involving OT systems, providing context around OT protocols, architecture, and operational impact.
•    Maintain awareness of emerging OT threats, vulnerabilities, and best practices, and share relevant insights with the broader SOC team.
•    Contribute to documentation and knowledge articles related to OT environments, including playbooks, response procedures, and baseline behaviors.    100%

ORGANIZATIONAL RELATIONSHIPS

•    Collaborates closely with onshore security teams, including Security Operations, Operational Technology, Threat Intelligence, and Security Awareness.
•    Works with cross-functional teams such as Infrastructure, Application Development, and Cloud Engineering to ensure seamless integration and operation of security tools.
•    Partners with Identity and Access Management teams to implement and maintain secure access controls.
•    Engages with external vendors and service providers to evaluate and integrate third-party security solutions.
•    Coordinates with internal stakeholders to align security initiatives with business objectives and compliance requirements.

EDUCATION AND EXPERIENCE 
Education:
•    University Degree in Computer Science or Information Systems is required 
•    MS or advanced identity courses or other applicable certifications is desirable, including
o    Certified Information Systems Security Professional (CISSP) 
•    Relevant certifications in infrastructure security and vulnerability management, such as Offensive Security Certified Professional (OSCP), GIAC Certified Vulnerability Assessor (GCVA), or Certified Ethical Hacker (CEH), are highly preferred

Experience:
•    A minimum of 5+ years of relevant experience with a strong background in security operations, operational technology and security engineering. 
•    2+ years of experience in the pharmaceutical or other regulated industry, especially Animal Health.
•    Experience working with global teams across multiple time zones.
•    Demonstrated ability to work within diverse technical teams.

TECHNICAL SKILLS REQUIREMENTS•    Strong knowledge of security tools and technologies, such as EyeInspect, endpoint detection and response (CrowdStrike) solutions, Palo Alto, SIEM/SOAR
•    Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash to streamline security processes.
•    Experience with cloud security tools and platforms (e.g., AWS, Azure, GCP) and securing cloud-native environments.
•    Solid understanding of network security concepts, including firewalls, IDS/IPS, VPNs, and zero-trust architectures.
•    Familiarity with identity and access management (IAM) solutions, such as Azure AD, Secret Server, and Sailpoint.
•    Knowledge of threat detection, incident response, and vulnerability management processes and tools.
•    Experience with container security and DevSecOps practices.
•    Strong understanding of encryption technologies, key management, and secure coding practices.
•    Ability to analyze and interpret security data to identify trends, vulnerabilities, and potential threats.
•    Familiarity with regulatory requirements and compliance standards (e.g., GDPR, HIPAA, PCI DSS).
•    Must be fluent in both written and spoken English, with the ability to communicate effectively across technical and non-technical audiences.

PHYSICAL POSITION REQUIREMENTS 
Availability to work between 1pm IST to 10pm IST hours (minimum 3 hours of daily overlap with US ET Time zone)