Enhacing Operational Security Through Visibility in OT and IOT Networks

In today's interconnected world, the convergence of Operational Technology (OT) and the Internet of Things (IoT) has revolutionized industries. OT systems, which control critical infrastructure and industrial processes, have traditionally operated in isolation, prioritizing reliability and stability over connectivity. However, the rise of IoT devices has ushered in a new era, where previously isolated OT networks are becoming interconnected with the broader digital landscape. This convergence offers immense opportunities for improved performance and insights, but it also exposes these networks to new and evolving threats.

At The Collective, we are offering an intern to work on a hands-on research project about how we can create insights into OT and IOT networks. This with the primary objective of detecting Threats and providing visibility in these networks for our SOC team. You will have the possibility to play with technologies like Microsoft Defender for Endpoint scanning devices and Microsoft Defender for IoT.

Required skills:

• Basic knowledge of the Microsoft Defender 365 Suite
  • Microsoft Sentinel
  • Microsoft Defender for Endpoint
  • Microsoft Defender for IoT
• A good understanding of network infrastructures
• Notion of OT and IOT devices
• A good understanding of basic security concepts

We are looking for an intern with a can-do attitude, who likes to investigate/learn things that many are not yet familiar with. The intern needs to be able to question each taken decision with security in mind. The intern will be responsible for:

• Researching the different solutions which can be used to accomplish the goal.
• Setting up the solutions in a research environment and define common practices.
• Investigate how the SOC can benefit from the solutions.
  • Define relevant alert rules.
  • Define how we can create network visibility.
  • Help the SOC with how this data can be used in investigations.
• Setup the integration to Microsoft Sentinel
• If time allows, perform a red-teaming exercise on a demo environment to showcase the above defined benefits.