Senior OT Threat Hunter at Dragos

📋 Description

• Lead independent, hypothesis-driven threat hunting across customer ICS/OT environments using the Dragos Platform.
• Serve as the primary escalation point for high-severity events, guiding OT Hunters and Security Analysts.
• Communicate critical findings to customers with actionable remediation guidance.
• Tune and optimize Dragos Platform configurations and hunt profiles to improve detection fidelity.
• Develop and refine original hunt hypotheses, content, and workflows; provide feedback to Detection Engineering and Intelligence teams.
• Contribute to operational reporting, support custom reporting needs, and mentor junior team members.

🎯 Requirements

• 5+ years of experience in threat hunting, security monitoring, or incident response within ICS/OT environments.
• Strong understanding of networking concepts and OT-specific protocols (Modbus, DNP3, Ethernet/IP).
• Experience with PCAP analysis, IDS/IPS, SIEM platforms, or other network traffic analysis tools in an OT context.
• Deep familiarity with adversary TTPs relevant to OT environments, including MITRE ATT&CK for ICS.
• Familiarity with threat intelligence workflows, including consumption and feedback loops with intelligence and detection engineering teams.
• Proven ability to communicate complex security findings to clients and internal stakeholders, verbally and in writing.
• Experience acting as a technical escalation point or senior contributor in security operations or threat hunting.
• Ability to work independently and lead efforts in a remote, distributed team environment.

🎁 Benefits

• Competitive Equity Package
• Comprehensive Benefits Plan