Operational Technology (OT) Cyber Threat Analyst

Description

RMC is seeking an Operational Technology (OT) Cyber Threat Analyst for a full-time in-office position in San Antonio, TX!

Are you ready to embark on a fulfilling and impactful career journey with Risk Mitigation Consulting (RMC)? We're in search of an exceptional OT Cyber Threat Analyst to become a part of our mission-driven team, dedicated to making a difference in the federal and commercial markets. At RMC, we're all about enhancing security for both our military and global commercial partners, offering an array of services such as Risk Management, Mission Assurance, and Cybersecurity.

Our team's well-being is paramount, and we reflect this commitment through our flexible work environment and exceptional company culture. By joining RMC, you become a key contributor to our mission – Assuring Tomorrow!

When you join RMC, you'll experience a range of benefits, including:
- Comprehensive health, vision, and dental insurance plans fully covered for employees
- Subsidized dependent health care coverage
- Participation in our Annual Bonus Program
- Life insurance policy equivalent to 1x your annual salary.
- Company paid short and long-term disability
- Cell phone reimbursement of $65 per month
- 401(k) Plan with contributions
- A 401(k) Safe Harbor Employer Contribution Program, which includes a 3% contribution

Position Summary

The OT Cybersecurity Analyst supports the protection and resilience of critical infrastructure environments through threat intelligence analysis, security monitoring, incident response, and vulnerability assessment activities focused on Operational Technology (OT) and Industrial Control Systems (ICS). This role is responsible for identifying and analyzing cyber threats targeting industrial environments, supporting incident response efforts, and helping clients strengthen the security posture of mission-critical systems across sectors such as energy, water, transportation, and manufacturing.
The position works closely with clients, government partners, and internal technical teams to provide actionable intelligence, risk-based recommendations, and regulatory compliance support. Successful candidates will bring a strong understanding of OT/ICS environments, evolving cyber threats, and the operational considerations required to secure critical infrastructure systems.

Essential Functions

Threat Intelligence & Analysis
- Monitor, collect, and analyze cyber threat intelligence from open-source, commercial, and government feeds (ISACs, CISA, sector-specific advisories) with specific focus on threats targeting critical infrastructure sectors (energy, water, transportation, manufacturing)
- Assess threat actor TTPs (Tactics, Techniques, and Procedures) relevant to ICS/SCADA environments using frameworks such as MITRE ATT&CK for ICS and the Purdue Model
- Produce timely, actionable threat intelligence reports tailored to both technical and executive audiences

OT/ICS Security Monitoring
- Perform continuous monitoring of OT/ICS network environments, including SCADA systems, PLCs, RTUs, HMIs, and historian servers, for anomalous or malicious activity
- Analyze network traffic, asset telemetry, and security events across IT/OT boundaries using OT-aware tools (e.g., Claroty, Dragos, Nozomi Networks, Tenable OT)
- Identify and document Indicators of Compromise (IoCs) and Indicators of Attack (IoAs) specific to industrial control system environments

Incident Detection, Response & Support
- Triage, investigate, and escalate security incidents in accordance with client incident response plans and sector-specific regulatory requirements
- Support containment, eradication, and recovery activities for cyber incidents affecting OT/ICS environments, with acute awareness of operational safety and uptime constraints
- Maintain detailed incident timelines, chain-of-custody documentation, and post-incident lessons-learned reports

Vulnerability & Risk Assessment
- Conduct vulnerability assessments of OT assets, applying risk-based prioritization that accounts for operational impact, compensating controls, and the consequences of patching in live industrial environments
- Map identified vulnerabilities to threat actor capabilities and likelihood of exploitation to support client risk decisions
- Track remediation efforts and validate closure of identified findings

Client Engagement & Reporting
- Serve as a day-to-day technical point of contact for assigned clients, delivering regular briefings on threat landscape changes, incident status, and security posture
- Develop and maintain client-specific threat profiles, asset inventories, and sector risk assessments
- Communicate findings clearly and professionally across technical, operational, and executive stakeholder levels

Regulatory & Standards Compliance Support
- Support clients in understanding and meeting cybersecurity obligations under relevant frameworks and regulations, including NERC CIP, NIST SP 800-82, IEC 62443, TSA Security Directives, and AWIA 2018, as applicable by sector
- Assist in the development and review of OT security policies, procedures, and security plans

Collaboration & Intelligence Sharing
- Coordinate with government partners, sector ISACs (E-ISAC, WaterISAC, MS-ISAC), and peer organizations to share and receive actionable threat information
- Collaborate with internal red team, engineering, and advisory practice staff to integrate findings into broader client security programs
- Participate in tabletop exercises, drills, and wargames simulating OT-targeted attack scenarios

Continuous Improvement
- Stay current on emerging OT/ICS threats, vulnerabilities, and adversary campaigns through ongoing research, training, and industry engagement
- Contribute to the firm’s internal knowledge base, playbooks, and methodology development
- Pursue and maintain relevant certifications (GICSP, GRID, CISA, GCIH, or equivalent)

Competencies
- Excellent writing skills, strong communication abilities, good time management and organizational skills
- Experience using Microsoft Office tools and applications such as Word, PowerPoint, Excel and SharePoint
- Work confidently in a fast-paced environment with the ability to support multiple projects
- Ability to perform analysis of complex technical issues
- Ability to work independently on multiple tasks with minimal direction to meet deadlines
- Ability to work in a team environment and take initiative to help ensure team tasks are successfully completed within required timelines

Requirements

Education & Experience Requirements:
- Bachelor’s degree and 4-10 years of experience in the industry

Desired Certificates & Licenses
- Security+
- CISSP
- GICSP

Other Requirements
- Security Clearance (Optional): Obtaining a DoD Secret Clearance. Applicants selected will be subject to a government security investigation and must meet eligibility requirements for clearance level required for the job.
- Valid Passport: Possession of a current passport with a minimum of 8 months remaining until the expiration date.
- Travel Flexibility: Willingness and capability to travel, CONUS approximately 20% of the time. Telecommunication is authorized for this role.
- Work Environment Compliance: Commitment to maintaining a drug-free work environment, U.S. Citizenship, and possession of a valid state driver's license.

Want to take the next step in your career with RMC? This OT Cyber Threat Analyst role is where your skills and talents will thrive, and you'll be part of something truly meaningful.

Join us today!

https://rmcglobal.com/

Reasonable Accommodations Statement

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.

RMC has reviewed this job description to ensure that essential functions and basic duties have been included. It is intended to provide guidelines for job expectations and the employee's ability to perform the position described.
It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills, and abilities. Additional functions and requirements may be assigned by your manager as deemed appropriate. This document does not represent a contract of employment, and RMC reserves the right to change this position description and/or assign tasks for the employee to perform, as RMC may deem appropriate.

RMC is an Equal Opportunity Employer.