Security Operations Analyst - US Blue Team Leader

Austin (Oakhill, Office), United States


The Blue Team Leader at NXP will be tasked with leading our day-to-day defensive information security operations, ensuring the security of IT, Operational Technology (OT), and R&D environments. This role is responsible for overseeing threat detection, incident response, and exposure management.  

As the leader of our Blue Team, you will develop and implement security strategies to protect against evolving cyber threats across diverse environments. You will collaborate with security architects, red teams, product teams, and engineering groups to strengthen our organization’s overall security posture. This role is a pivotal leadership position for our regional security operations center team members, ensuring the continuity of information security operations.

The ideal candidate will be passionate about security operations center work, incident response, and leading a diverse team of global operators. The ideal candidate also has foundational knowledge and experience working in an Operational Technology (OT) manufacturing environment.

Your opportunity:

NXP is a global player in the semiconductor industry, and security is an essential and integral part of our business.

Security Operations & Threat Defense

Job Responsibilities:

Operational Mentality and Vision:

  • Lead a team of cybersecurity professionals focused on threat detection, monitoring, and incident response for IT, OT, and R&D environments.
  • Develop and enhance Security Operations Center (SOC) processes, including playbooks, automation, and alert triage.

Incorporate Advanced Red Team Operations and Threat Intelligence into Day-to-Day Operations:

  • Incorporate threat intelligence gathering, ensuring proactive detection of adversary tactics, techniques, and procedures (TTPs).
  • Collaborate with the red team and threat hunting teams to identify gaps and improve defenses.
  • Establish endpoint detection and response (EDR) and network security monitoring strategies across IT and OT assets.

Incident Response

  • Lead and coordinate cyber incident response efforts, ensuring timely containment, eradication, and recovery.
  • Develop incident response playbooks tailored to IT, OT, and R&D environments.
  • Conduct digital forensics investigations to determine the root cause of security incidents and recommend mitigations.

OT & R&D Security Strategy:

  • Implement security controls and frameworks tailored for ICS/SCADA, industrial IoT (IIoT), and embedded systems in OT environments.
  • Work closely with engineering and R&D teams to integrate security into product development lifecycles.
  • Ensure compliance with industry regulations and frameworks such as NIST CSF, IEC 62443, and MITRE ATT&CK for ICS.
  • Develop and test cyber resilience plans for critical OT and R&D infrastructure.

Vulnerability Management & Hardening

  • Oversee vulnerability assessments and risk management programs across IT, OT, and R&D.
  • Guide patch management and compensating controls for systems where direct patching is not feasible.
  • Work with asset owners to implement segmentation, access controls, and Zero Trust strategies.

Risk Management and Ethical Considerations

  • Work closely with security and risk leaders to foresee and mitigate risks, ensuring ethical operations and compliance with upcoming regulations.

Team Leadership & Collaboration

  • Build, mentor, and develop a high-performing cybersecurity team.
  • Foster cross-functional collaboration between IT, OT, R&D, and security engineering teams.
  • Provide executive-level briefings on cybersecurity risks, incidents, and program improvements.
  • Partner with risk management, compliance, and legal teams to align cybersecurity with business objectives.

Job Qualifications:

Required Qualifications & Experience:

  • 10+ years of experience in cybersecurity with a focus on blue teaming, security operations, and cyber defense.
  • Strong expertise in both IT and OT security, with knowledge of ICS, SCADA, and industrial cyber threats.
  • Experience securing R&D environments, including embedded systems, proprietary technologies, and intellectual property.
  • Hands-on experience with SIEM, EDR, NDR, threat intelligence platforms, and security automation.
  • In-depth knowledge of MITRE ATT&CK (Enterprise & ICS), NIST 800-82, IEC 62443, and Zero Trust principles.
  • Experience leading a team of cybersecurity professionals and developing operational security teams.
  • Strong understanding of cloud security (AWS, Azure, GCP) and hybrid security architectures.

Preferred Certifications

  • GIAC Certified Incident Handler
  • GIAC Security Operations Certified
  • Certified Cloud Security Professional (CCSP)
  • AWS Certified Security
  • Microsoft SC-200


NXP is an Equal Opportunity/Affirmative Action Employer regardless of age, color, national origin, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, marital status, status as a disabled veteran and/or veteran of the Vietnam Era or any other characteristic protected by federal, state or local law. In addition, NXP will provide reasonable accommodations for otherwise qualified disabled individuals.
