CenterPoint Energy has been in business for over 150 years and is committed to delivering electricity and natural gas reliably and safely. The OT SOC Analyst is responsible for monitoring and responding to cybersecurity events in Operational Technology environments, conducting investigations, and collaborating with stakeholders to protect critical infrastructure.
Perform continuous (24/7) monitoring of OT networks, systems, and devices, including SCADA systems, PLCs, RTUs, IEDs, and associated communications infrastructure
Analyze alerts, logs, and telemetry from OT security platforms and SIEM/SOAR solutions to identify anomalies, indicators of compromise (IOCs), and potential cyber threats
Conduct initial triage and investigation of detected events, determining scope, severity, and potential operational impact
Escalate confirmed or suspected incidents in accordance with OT SOC playbooks, incident classification criteria, and escalation procedures
Perform in-depth analysis of suspicious activity within OT environments, including log review, network traffic analysis, and correlation across multiple data sources
Support forensic analysis of impacted OT systems to assist in identifying root causes, attack paths, and contributing factors
Accurately document incidents, investigations, and response actions within organizational ticketing and case management systems
Provide timely notification of identified cybersecurity incidents or attempted compromises to appropriate stakeholders
Collaborate with OT SOC leadership and engineering teams to refine detection logic, improve SIEM/SOAR use cases, and enhance OT-specific playbooks
Participate in incident response activities, including coordination with operations, engineering, compliance, and external partners as required
Maintain awareness of emerging OT threats, vulnerabilities, and attack techniques relevant to electric utilities
Qualifications
Required
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or a related technical field is preferred, or equivalent practical experience
1–3 years of hands-on Security Operations Center (SOC) experience, including alert triage, investigation, and incident escalation in an IT and/or OT environment
Experience supporting OT cybersecurity or security operations within regulated critical infrastructure environments is highly desirable
Hands-on experience configuring, tuning, and operating SIEM/SOAR platforms in an operational security environment
Demonstrated, hands-on experience with SIEM and SOAR platforms, preferably Splunk, including data correlation, workflow automation and dashboard creation
Experience supporting OT or ICS environments is strongly preferred, including exposure to SCADA, PLCs, RTUs, or related systems
Experience working with OT passive monitoring and threat detection tools, such as Nozomi, Dragos, and Claroty
Solid understanding of networking fundamentals, including TCP/IP, routing, firewalls, network segmentation, and common OT protocols such as Modbus and DNP3
Ability to analyze logs, network flows, and alerts to identify security-relevant events, and apply incident response principles, investigation techniques, and evidence handling practices
Familiarity with NERC CIP and TSA cybersecurity requirements and how security monitoring and incident response support regulatory obligations within OT environments
Strong analytical and communication skills, with attention to detail and the ability to clearly document findings and collaborate across technical and non-technical teams
Preferred
Experience supporting OT cybersecurity or security operations within regulated critical infrastructure environments is highly desirable
Relevant certifications from Splunk and GIAC including GICSP, GRID, GCIP, GCIA or GCIH are highly desirable
Benefits
Competitive pay
Paid training
Benefits eligibility begins on your first day
Transit subsidies
Flexible work schedule, paid holidays and paid time off
Access to discounts at fitness clubs and an on-site wellness center at our headquarters in Houston
Professional growth and development programs including tuition reimbursement
401(k) Savings Plan featuring a company match dollar-for-dollar up to 6% and a company contribution of 3% regardless of your contribution
CenterPoint Energy is an energy delivery company with electric transmission and distribution, power generation and natural gas distribution.
Founded in 1866
Houston, Texas, USA
5001-10000 employees
http://centerpointenergy.com