Job Description Summary

The OT Cyber Security Solution Architect is responsible for defining and leading OT cyber security architecture across multiple projects in industrial/operational technology environments. This role is a senior leadership role needing deep OT domain knowledge, cybersecurity expertise, and software/solution architecture to design, implement, and govern secure architectures for OT converged systems. The focus is on securing OT/ICS/industrial environments and supporting compliance with relevant industrial standards and regulations.

Job Description

Key Responsibilities

1. Security Architecture Design and Threat Modeling

• Perform security architecture design and threat modeling for OT systems (SCADA, DCS, PLCs, safety systems, industrial networks).

2. Security Zoning/Segmentation

• Define security zoning/segmentation (e.g., Purdue model) and secure network architectures between OT and IT.

3. Standards

• Translate IEC 62443, NIST CSF/800-82, and marine classification society requirements (DNV, ABS, LR, etc.) into practical architecture and design patterns for OT systems.
• Familiar  with marine Cyber standards , regional specific like SOCI in Australia .

4. Security Controls Implementation

• Define and guide the implementation of security controls such as:
  • Secure remote access
  • Identity and access management in OT context
  • Monitoring and logging (SIEM, OT IDS)
  • Patch and vulnerability management for OT
  • Backup and recovery/incident response capabilities in industrial environments

5. Risk Assessments and Gap Analyses

• Support security risk assessments and gap analyses for OT assets and environments.

6. Collaboration with Product Teams

• Work closely with product teams, engineering, and operations to embed security by design into OT solutions.

7. Vendor and Third-party Guidance

• Provide guidance and review of vendor solutions and third-party components for OT cyber security.

8. Incident Response and Cyber Resilience

• Contribute to or lead incident response and post-incident architecture improvements for OT environments.
• Support development and testing of OT incident response and recovery plans.

9. Secure Product Development Lifecycle

• Contribute to secure SDLC practices for OT-related software and systems.

10. Architecture Direction and Governance

• Lead and coordinate domain technical and business discussions relative to future architecture direction across the product portfolio or product line.
• Analyze design and develop a roadmap and implementation plan based upon a current vs. future state in a cohesive architecture viewpoint.
• Review and/or analyze and develop architectural requirements at the domain level within the product portfolio or team.
• Participate in the enterprise architecture domain governance model. Chairing/Participating in design reviews, lead security architecture boards.
• Contribute to the development of software and data delivery platforms with reusable components that can be orchestrated together into different methods.
• Lead the research and evaluation of emerging technology, industry, and market trends to assist in project development and/or operational support activities.

Required Qualifications

• Education:
  • Master’s or Bachelor’s degree in Computer Science, Engineering, or a related STEM discipline.
• Experience:
  • 15+ years of professional experience in cybersecurity, including substantial experience with OT/ICS environments and IT/OT convergence.
• Certifications:
  • Required/strong preference:
    • One or more of: CISSP, GICSP, CISM
    • Demonstrated competence with IEC 62443
  • Preferred:
    • CEH, SABSA Practitioner/SCP, or equivalent architecture certification

Desired Characteristics

Technical Expertise

• Ability to consult customers on alignment of outcomes and desired technical solutions at an enterprise level.
• Ability to analyze, design, and develop a software solution roadmap and implementation plan based upon a current vs. future state of the business. Familiar with Cyber Security Standards -IEC62443, NIST, IACS E26/27, DNV, ABS, LR certification requirements.
• Working knowledge of configuration choices and related cost implications; Experience with complex solution configurations. Ability to design cloud and on-prem architectures with desired levels of Cybersecurity requirements.
• Knowledgeable of the full range of solution catalogs within a business unit and able to discuss the overall solution at depth.
• Able to lead early-stage customer interactions; Guide customers as they develop confidence and comfort with approaches and integrate with their legacy tech investments.
• Familiar with usage of Confluence, Jira, and Project Management tools.
• Experience with OT systems: SCADA, DCS, PLCs, industrial control networks, and safety systems.
• Familiarity with common OT protocols (Modbus, OPC-UA, DNP3, Profinet, etc.) and their security implications.
• Experience designing secure architectures for:
  • Industrial networks, DMZs, and remote access
  • Edge computing and data ingestion from OT to cloud
• Practical application of IEC 62443 (e.g., zone & conduit modeling, security levels, system requirements).
• Ability to design cloud and on-premises architectures that meet OT and IT cyber security requirements, including secure data flows between OT environments and enterprise/cloud systems.

Business Acumen

• Explaining cyber risks and mitigations to non-cyber, operations-focused stakeholders.
• Clarify leadership expectations in security governance:
  • Leading security architecture reviews
  • Influencing product roadmaps to embed security
  • Coaching other architects/engineers on OT security best practices
• Proven ability to translate complex OT cyber security risks into clear business impact and actionable mitigation plans for executive and operations audiences.
• Adept at navigating the organizational matrix; understanding people’s roles, can foresee obstacles, identify workarounds, leverage resources, and rally teammates.
• Understand how internal and/or external business models work and facilitate active customer engagement.
• Able to articulate the value of what is most important to the business/customer to achieve outcomes.
• Able to produce functional area information in sufficient detail for cross-functional teams to utilize, using presentation and storytelling concepts.
• Possess extensive knowledge of the full solution catalog within a business unit and proficiency in discussing each area at an advanced level.
• Six Sigma Green Belt Certification or equivalent quality certification.

Leadership

• Demonstrated working knowledge of the internal organization.
• Foresee obstacles, identify workarounds, leverage resources, rally teammates.
• Demonstrated ability to work with and/or lead blended teams, including 3rd party partners and customer personnel.
• Demonstrated Change Management/Acceleration capabilities.
• Strong interpersonal skills, including creativity and curiosity with the ability to effectively communicate and influence across all organizational levels.
• Proven analytical and problem resolution skills.
• Ability to influence and build consensus with other Information Technology (IT) teams and leadership.

Additional Information