OneMain Financial Jobs

We are seeking a highly skilled OT Cybersecurity Architect / SOC Security Expert to support industrial and critical infrastructure customers worldwide. This role blends Operational Technology (OT) cybersecurity architecture, SOC Level-2 incident response, and customer consulting, helping organizations secure industrial environments such as SCADA, PLC, and control networks. The ideal candidate brings strong hands-on experience across SIEM, SOAR, ICS security, and industrial networking, and thrives in both operational SOC environments and project-based customer engagements.

Key Responsibilities

• Design, implement, and support OT/ICS cybersecurity solutions for industrial control systems (SCADA, PLCs, HMIs, RTUs, control servers).

• Monitor and analyze security events using SIEM platforms; investigate alerts and determine true vs false positives.

• Act as a Level-2 SOC escalation point and collaborate with Incident Response teams.

• Perform threat hunting, malware analysis, forensic support, and root cause analysis.

• Develop and tune SOAR playbooks, automate response workflows, and integrate tools using scripting (Python preferred).

• Provide on-site and remote cybersecurity consulting including troubleshooting, network design, risk assessments, and implementations.

• Develop clear, business-friendly remediation recommendations for customers.

• Apply and align solutions to industry standards and frameworks (IEC 62443, NIST, MITRE ATT&CK for ICS).

• Support customer engagements independently while meeting delivery, quality, and satisfaction targets.

Basic Qualifications

• Bachelor’s degree in computer science, Information Systems, Electronics, or equivalent experience.

• 3+ years of experience in cybersecurity SOC operations or security engineering.

• 5+ years of overall IT, networking, or infrastructure experience.

• Hands-on experience with SIEM tools (e.g., Splunk, Chronicle).

• Experience with firewalls, IDS/IPS, endpoint security, and network security controls.

• Knowledge of OT/ICS environments and industrial protocols. • Strong analytical, troubleshooting, and stakeholder engagement skills.

• Willingness to travel 30–65% as required.

Preferred Qualifications

• Security certifications: CCNA, Security+, GSEC, GCIH, CEH, GCFA, or equivalent.

• Knowledge of IEC 62443, ISO 27001, and MITRE ATT&CK for ICS.

• Experience working in customer-facing cybersecurity roles.

• Knowledge of industrial protocols (Modbus, DNP3, Profibus, S7comm)

Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.

Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.