OT SOC Team Lead

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Job Description

The Team Lead is the first level of leadership within the SOC, ensuring operational excellence, team performance, and high-quality service delivery to customers. Success Indicators High-quality incident handling and escalations Team performance and analyst development Continuous improvement of SOC processes and detections Positive customer feedback and SLA compliance You will report to Global SOC Manager Your Responsibilities: 1. SOC Operations & Delivery Oversee 24/7 monitoring, triage, and escalation of OT security alerts across industrial environments Support complex incident investigations and ensure quality of analysis across all tiers Ensure adherence to SLAs, ticket quality, and operational KPIs 2. Team Leadership & People Management Lead and manage a team of OT SOC analysts (Tier 1 / Tier 2) Provide coaching, mentoring, and performance feedback Support shift planning, coverage, and handovers 3. Process & Continuous Improvement Drive improvements to detection rules, playbooks, and SOC procedures Identify gaps in monitoring, response, and tooling Collaborate with engineering and threat detection teams for tuning and optimisation Promote standardisation and best practices across SOC operations 4. Customer & Stakeholder Management Act as a key point of contact for customers during incidents and escalations Ensure proper communication during major incidents Support reporting, service reviews, and customer discussions Coordinate with internal teams (engineering, IR, service delivery) The Essentials - You Will Have: Understanding of OT environments and industrial protocols (e.g. Modbus, OPC) Experience with SIEM, IDS, and OT monitoring tools Experience with incident detection, triage, and response processes Knowledge of MITRE ATT&CK and threat detection concepts Experience leading SOC teams or being senior analyst / shift lead Incident management skills Excellent communication skills (technical and customer-facing) Work in mission-critical environments Full working proficiency in both Spanish and English. The Preferred - You Might Also Have: Experience in OT cybersecurity or industrial environments Certifications such as: GCIH, GCIA, CISSP, or equivalent Experience working in 24x7 SOC environments What We Offer: Our benefits package includes … Volunteer Paid Time off available after 6 months of employment for eligible employees Company volunteer and donation matching program – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. On-demand digital course library for professional development Comprehensive mindfulness programs with a premium membership to Calm Employee Assistance Program Personalized wellbeing programs through our OnTrack program ... and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. #LI-Hybrid #LI-AL1