- Company Name: NXP Semiconductors
- Job Title: Security Operations Analyst – US Blue Team Leader

**Job Description**
**Role Summary**
Lead the security operations center (SOC) for IT, operational technology (OT), and research & development (R&D) environments. Design and enforce threat detection, incident response, and exposure management processes to safeguard enterprise assets and intellectual property.
**Expectations**
- Minimum 10 years of cybersecurity experience focused on blue‑team operations.
- Proven leadership of cross‑functional security teams.
- Deep technical knowledge of IT, OT/ICS, and embedded R&D security.
- Ability to translate threat intelligence into operational playbooks and automation.
- Strong communication skills for executive reporting and cross‑departmental collaboration.
**Key Responsibilities**
1. **Team Leadership** – Build, mentor, and manage a SOC team of global operators.
2. **SOC Process Design** – Develop and continuously improve SOC SOPs, playbooks, automation, and alert triage.
3. **Threat Detection & Hunting** – Incorporate red‑team operations and threat‑intel feeds; conduct proactive hunting across IT, OT, and R&D environments.
4. **Incident Response** – Lead response to security incidents; create and execute containment, eradication, and recovery plans; perform digital forensics.
5. **EDR/NDR & Monitoring** – Deploy and maintain endpoint and network detection tools; craft coverage strategies for IT & OT assets.
6. **OT & R&D Security Strategy** – Implement security controls for IEC 62443/ICS, IIoT, embedded systems; embed security in product development lifecycles.
7. **Vulnerability Management** – Oversee assessments, patching, compensating controls, segmentation, access controls, and zero‑trust implementations.
8. **Risk & Compliance** – Partner with risk, compliance, and legal teams to align security posture with regulatory frameworks (NIST CSF, NIST 800‑82, MITRE ATT&CK).
9. **Executive Briefings** – Deliver concise, actionable reports on risks, incidents, and improvement opportunities to senior leadership.
**Required Skills**
- Blue‑team & SOC operations expertise.
- Strong command of SIEM, EDR, NDR, threat‑intel platforms, and security automation.
- Hands‑on forensic analysis and incident‑response playbook development.
- OT/ICS security fundamentals: SCADA, industrial IoT, embedded systems.
- Knowledge of MITRE ATT&CK (Enterprise & Industrial), NIST 800‑82, IEC 62443, NIST CSF, Zero Trust architecture.
- Cloud security experience (AWS, Azure, GCP) and hybrid deployment environments.
- Team building, mentorship, and cross‑functional collaboration.
**Required Education & Certifications**
- 10+ years of cybersecurity experience (blue‑team, SOC, OT security).
- GIAC Certified Incident Handler (GCIH)
- GIAC Security Operations Certified (GSOC)
- Certified Cloud Security Professional (CCSP) – preferred
- AWS Certified Security – preferred
- Microsoft Certified: Security, Compliance & Identity (SC‑200) – preferred
(Additional qualifications such as an advanced cyber‑security degree are welcomed but not mandatory.)