Hispanic Careers

Schneider Electric USA, Inc

Senior SOC Threat Hunt Analyst (Finance)

The SOC Threat Hunt Analyst plays a proactive role in identifying advanced threats and anomalies within Operational Technology (OT) environments. This role focuses on hypothesis-driven investigations, behavioral analytics, and the development of threat detection strategies and threat models to enhance the security posture of critical infrastructure clients. The analyst will work closely with detection engineers, incident responders, and SOC teams to uncover stealthy adversaries and improve detection capabilities.

About the CCSH NAM Hub

The Cybersecurity Connected Services Hub (CCSH) - North America (NAM) is Schneider Electric's strategic cybersecurity hub for delivering advanced Managed Security Services (MSS) to external clients. As the flagship of our 24/7 global Managed Security Operations Center (SOC), the NAM Hub focuses on securing OT environments across critical infrastructure and industrial systems. As part of our global Cybersecurity Solutions Services business, we drive innovation in threat detection and response, vulnerability and asset management, and security automation by leveraging best-in-class tools, people, and proven processes, along with deep domain expertise, to deliver impactful security outcomes at scale.

Key Responsibilities

Develop and Execute Threat Hunt Campaigns
Design and conduct structured, hypothesis-driven threat hunts across OT networks, focusing on OT environments.

Maintain Threat Detection Library
Own and curate the threat detection knowledge base, including behavioral patterns, adversary TTPs, and detection logic.

Collaborate with Detection Engineering
Recommend new detection logic, rule tuning, and telemetry enhancements based on hunt findings and threat intelligence.

Document Hunt Hypotheses and Findings
Maintain detailed logs of hunt activities, hypotheses, methodologies, and outcomes to support continuous improvement and knowledge sharing.

Identify Gaps in Visibility and Coverage
Analyze telemetry sources and alert fidelity to identify blind spots and recommend improvements in data collection and monitoring.

Develop and Maintain Threat Models
Build and update threat models tailored to MSS clients, aligning with MITRE ATT&CK for ICS and other relevant frameworks.

What qualifications will make you successful for this role?

Required:

3-5 years of experience in cybersecurity operations , with at least 1-2 years in threat hunting or advanced SOC roles

An understanding of OT/ICS protocols is desirable

Experience with cyber behavioral analytics and cyber threat modeling

Familiarity with MITRE ATT&CK and adversary emulation techniques

Strong analytical and investigative mindset with a hypothesis-driven approach

Ability to work independently and collaborate across SOC, engineering, and client facing teams.
Able to work full-time based in Boston, MA

Preferred:

Hands-on experience with KQL (Kusto Query Language)

Familiarity with cybersecurity frameworks such as NIST CSF, ISO 27001, and ICS-specific standards (e.g., NIST 800-82)

Experience in critical infrastructure sectors (e.g., energy, manufacturing, utilities)

Exposure to SOAR platforms and automation of hunt workflows

Certifications (Preferred but not required ):

GIAC certifications such as GCIH, GMON, GCIA, GCDA, GSOC, GICSP, GRID, GCIP

Other industry-recognized certifications (e.g., ISACA, EC-Council, ISC2)

Let us learn about you! Apply today.

You must submit an online application to be considered for any position with us. This position will be posted until filled.

Looking to make an IMPACT with your career?

When you are thinking about joining a new team, culture matters. At Schneider Electric, our values and behaviors are the foundation for creating a great culture to support business success. We believe that our IMPACT values - Inclusion, Mastery, Purpose, Action, Curiosity, Teamwork - starts with us.

IMPACT is also your invitation to join Schneider Electric where you can contribute to turning sustainability ambition into actions, no matter what role you play. It is a call to connect your career with the ambition of achieving a more resilient, efficient, and sustainable world.

We are looking for IMPACT Makers; exceptional people who turn sustainability ambitions into actions at the intersection of automation, electrification, and digitization. We celebrate IMPACT Makers and believe everyone has the potential to be one.

Become an IMPACT Maker with Schneider Electric - apply today!

€36 billion global revenue
+13% organic growth
150 000+ employees in 100+ countries
#1 on the Global 100 World's most sustainable corporations

You must submit an online application to be considered for any position with us. This position will be posted until filled.

Schneider Electric aspires to be the most inclusive and caring company in the world, by providing equitable opportunities to everyone, everywhere, and ensuring all employees feel uniquely valued and safe to contribute their best. We mirror the diversity of the communities in which we operate, and 'inclusion' is one of our core values. We believe our differences make us stronger as a company and as individuals and we are committed to championing inclusivity in everything we do.

At Schneider Electric, we uphold the highest standards of ethics and compliance, and we believe that trust is a foundational value. Our Trust Charter is our Code of Conduct and demonstrates our commitment to ethics, safety, sustainability, quality and cybersecurity, underpinning every aspect of our business and our willingness to behave and respond respectfully and in good faith to all our stakeholders. You can find out more about our Trust Charter here

Schneider Electric is an Equal Opportunity Employer. It is our policy to provide equal employment and advancement opportunities in the areas of recruiting, hiring, training, transferring, and promoting all qualified individuals regardless of race, religion, color, gender, disability, national origin, ancestry, age, military status, sexual orientation, marital status, or any other legally protected characteristic or conduct.The SOC Threat Hunt Analyst plays a proactive role in identifying advanced threats and anomalies within Operational Technology (OT) environments. This role focuses on hypothesis-driven investigations, behavioral analytics, and the development of threat detection strategies and threat models to enhance the security posture of critical infrastructure clients. The analyst will work closely with detection engineers, incident responders, and SOC teams to uncover stealthy adversaries and improve detection capabilities.

About the CCSH NAM Hub

Key Responsibilities

Develop and Execute Threat Hunt Campaigns
Design and conduct structured, hypothesis-driven threat hunts across OT networks, focusing on OT environments.

Maintain Threat Detection Library
Own and curate the threat detection knowledge base, including behavioral patterns, adversary TTPs, and detection logic.

Collaborate with Detection Engineering
Recommend new detection logic, rule tuning, and telemetry enhancements based on hunt findings and threat intelligence.

Document Hunt Hypotheses and Findings
Maintain detailed logs of hunt activities, hypotheses, methodologies, and outcomes to support continuous improvement and knowledge sharing.

Identify Gaps in Visibility and Coverage
Analyze telemetry sources and alert fidelity to identify blind spots and recommend improvements in data collection and monitoring.

Develop and Maintain Threat Models
Build and update threat models tailored to MSS clients, aligning with MITRE ATT&CK for ICS and other relevant frameworks.

Apply Here