OT Cybersecurity Engineer (SIEM & NDR Specialist)

SOLHELIX is a forward-thinking IT consulting and implementation firm dedicated to driving growth through innovative use of data. Focused on serving high-growth, mission-critical industries like finance, e-commerce, healthcare, and Industry 4.0, SOLHELIX places a strong emphasis on precision, security, and reliability. The company is committed to leveraging automation while recognizing the unparalleled value of human creativity and problem-solving. SolHelix offers services that empower organizations to navigate the challenges of a rapidly evolving digital landscape.Role Description:This full-time B2B remote role is for an OT Cybersecurity Engineer (SIEM & NDR Specialist), the candidate must be based in Poland.Are you passionate about securing OT/ICS environments and building high-quality detections across SIEM and NDR platforms? We’re looking for a hands-on OT Detection Engineer to join our growing security team and help us build a robust detection and monitoring capability from the ground up.What You Will Be Working On:Deploying, configuring, and developing Wazuh for SIEM operations.Building and tuning detection content for OT environments.Creating, optimizing, and maintaining Zeek and Suricata rules.Implementing Network Detection and Response (NDR) capabilities.Integrating OT and ICS data sources into the SIEM.Working closely with engineering and security teams to elevate detection maturity.Helping shape the future of our monitoring, detection, and response strategy.Qualifications and Must Have:Hands-on experience with Wazuh deployment, configuration, and rule development.Proven experience configuring SIEM platforms specifically in OT or ICS environments.Strong practical knowledge of Network Detection and Response tools.Direct experience writing, tuning, and maintaining Zeek and Suricata rules.Solid understanding of network protocols, packet analysis, and threat behaviors.Experience working with OT or ICS networks, SCADA systems, or industrial protocols.Ability to troubleshoot complex issues across SIEM and NDR pipelines.Strong analytical and problem-solving skills.Nice to Have:Experience with ICS and SCADA protocols such as IEC 104, Modbus, or DNP3Familiarity with MITRE ATTACK for ICS.Python or Bash scripting for automation.Exposure to DevOps tools or infrastructure as code.