Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.
We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you, we would love to have you join us!
Job Description
The Team Lead is the first level of leadership within the SOC, ensuring operational excellence, team performance, and high-quality service delivery to customers.
Success Indicators
1. High-quality incident handling and escalations
2. Team performance and analyst development
3. Continuous improvement of SOC processes and detections
4. Positive customer feedback and SLA compliance
You will report to the Global SOC Manager.
Your Responsibilities:
1. SOC Operations & Delivery
   - Oversee 24/7 monitoring, triage, and escalation of OT security alerts across industrial environments
   - Support complex incident investigations and ensure quality of analysis across all tiers
   - Ensure adherence to SLAs, ticket quality, and operational KPIs
2. Team Leadership & People Management
   - Lead and manage a team of OT SOC analysts (Tier 1 / Tier 2)
   - Provide coaching, mentoring, and performance feedback
   - Support shift planning, coverage, and handovers
3. Process & Continuous Improvement
   - Drive improvements to detection rules, playbooks, and SOC procedures
   - Identify gaps in monitoring, response, and tooling
   - Collaborate with engineering and threat detection teams for tuning and optimisation
   - Promote standardisation and best practices across SOC operations
4. Customer & Stakeholder Management
   - Act as a key point of contact for customers during incidents and escalations
   - Ensure proper communication during major incidents
   - Support reporting, service reviews, and customer discussions
   - Coordinate with internal teams (engineering, IR, service delivery)
The Essentials - You Will Have:
- Understanding of OT environments and industrial protocols (e.g. Modbus, OPC)
- Experience with SIEM, IDS, and OT monitoring tools
- Experience with incident detection, triage, and response processes
- Knowledge of MITRE ATT&CK and threat detection concepts
- Experience leading SOC teams or being a senior analyst / shift lead
- Incident management skills
- Excellent communication skills (technical and customer-facing)
- Work in mission-critical environments
- Full working proficiency in both Spanish and English
The Preferred - You Might Also Have:
- Experience in OT cybersecurity or industrial environments
- Certifications such as GCIH, GCIA, CISSP, or equivalent
- Experience working in 24x7 SOC environments
What We Offer:
Our benefits package includes …
- Volunteer Paid Time off available after 6 months of employment for eligible employees
- Company volunteer and donation matching program – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation.
- On-demand digital course library for professional development
- Comprehensive mindfulness programs with a premium membership to Calm
- Employee Assistance Program
- Personalized wellbeing programs through our OnTrack program
... and other local benefits!