Job Description Summary

The OT Cyber Security Solution Architect is responsible for defining and leading OT cyber security architecture across multiple projects in industrial/operational technology environments. This role is a senior leadership role needing deep OT domain knowledge, cybersecurity expertise, and software/solution architecture to design, implement, and govern secure architectures for OT converged systems. The focus is on securing OT/ICS/industrial environments and supporting compliance with relevant industrial standards and regulations.

Job Description

Key Responsibilities

1. Security Architecture Design and Threat Modeling

• Perform security architecture design and threat modeling for OT systems (SCADA, DCS, PLCs, safety systems, industrial networks).

2. Security Zoning/Segmentation

• Define security zoning/segmentation (e.g., Purdue model) and secure network architectures between OT and IT.

3. Standards

• Translate IEC 62443, NIST CSF/800-82, and marine classification society requirements (DNV, ABS, LR, etc.) into practical architecture and design patterns for OT systems.

·      Familiar  with marine Cyber standards , regional specific like SOCI in Australia .

 

4. Security Controls Implementation

• Define and guide the implementation of security controls such as:

  • Secure remote access

  • Identity and access management in OT context

  • Monitoring and logging (SIEM, OT IDS)

  • Patch and vulnerability management for OT

  • Backup and recovery/incident response capabilities in industrial environments

5. Risk Assessments and Gap Analyses

• Support security risk assessments and gap analyses for OT assets and environments.

6. Collaboration with Product Teams

• Work closely with product teams, engineering, and operations to embed security by design into OT solutions.

7. Vendor and Third-party Guidance

• Provide guidance and review of vendor solutions and third-party components for OT cyber security.

8. Incident Response and Cyber Resilience

• Contribute to or lead incident response and post-incident architecture improvements for OT environments.

• Support development and testing of OT incident response and recovery plans.

9. Secure Product Development Lifecycle

• Contribute to secure SDLC practices for OT-related software and systems.

10. Architecture Direction and Governance

• Lead and coordinate domain technical and business discussions relative to future architecture direction across the product portfolio or product line.

• Analyze design and develop a roadmap and implementation plan based upon a current vs. future state in a cohesive architecture viewpoint.

• Review and/or analyze and develop architectural requirements at the domain level within the product portfolio or team.

• Participate in the enterprise architecture domain governance model. Chairing/Participating in design reviews, lead security architecture boards.

• Contribute to the development of software and data delivery platforms with reusable components that can be orchestrated together into different methods.

• Lead the research and evaluation of emerging technology, industry, and market trends to assist in project development and/or operational support activities.

Required Qualifications

• Education:

  • Master’s or Bachelor’s degree in Computer Science, Engineering, or a related STEM discipline.

• Experience:

  • 15+ years of professional experience in cybersecurity, including substantial experience with OT/ICS environments and IT/OT convergence.

• Certifications:

  • Required/strong preference:

    • One or more of: CISSP, GICSP, CISM

    • Demonstrated competence with IEC 62443

  • Preferred:

    • CEH, SABSA Practitioner/SCP, or equivalent architecture certification

Desired Characteristics

Technical Expertise

• Ability to consult customers on alignment of outcomes and desired technical solutions at an enterprise level.

• Ability to analyze, design, and develop a software solution roadmap and implementation plan based upon a current vs. future state of the business. Familiar with Cyber Security Standards -IEC62443, NIST, IACS E26/27, DNV, ABS, LR certification requirements.

• Working knowledge of configuration choices and related cost implications; Experience with complex solution configurations. Ability to design cloud and on-prem architectures with desired levels of Cybersecurity requirements.

• Knowledgeable of the full range of solution catalogs within a business unit and able to discuss the overall solution at depth.

• Able to lead early-stage customer interactions; Guide customers as they develop confidence and comfort with approaches and integrate with their legacy tech investments.

• Familiar with usage of Confluence, Jira, and Project Management tools.

• Experience with OT systems: SCADA, DCS, PLCs, industrial control networks, and safety systems.

• Familiarity with common OT protocols (Modbus, OPC-UA, DNP3, Profinet, etc.) and their security implications.

• Experience designing secure architectures for:

  • Industrial networks, DMZs, and remote access

  • Edge computing and data ingestion from OT to cloud

• Practical application of IEC 62443 (e.g., zone & conduit modeling, security levels, system requirements).

• Ability to design cloud and on-premises architectures that meet OT and IT cyber security requirements, including secure data flows between OT environments and enterprise/cloud systems.

 

 

 

 

Business Acumen

• Explaining cyber risks and mitigations to non-cyber, operations-focused stakeholders.

• Clarify leadership expectations in security governance:

  • Leading security architecture reviews

  • Influencing product roadmaps to embed security

  • Coaching other architects/engineers on OT security best practices

• Proven ability to translate complex OT cyber security risks into clear business impact and actionable mitigation plans for executive and operations audiences.

• Adept at navigating the organizational matrix; understanding people’s roles, can foresee obstacles, identify workarounds, leverage resources, and rally teammates.

• Understand how internal and/or external business models work and facilitate active customer engagement.

• Able to articulate the value of what is most important to the business/customer to achieve outcomes.

• Able to produce functional area information in sufficient detail for cross-functional teams to utilize, using presentation and storytelling concepts.

• Possess extensive knowledge of the full solution catalog within a business unit and proficiency in discussing each area at an advanced level.

• Six Sigma Green Belt Certification or equivalent quality certification.

Leadership

• Demonstrated working knowledge of the internal organization.

• Foresee obstacles, identify workarounds, leverage resources, rally teammates.

• Demonstrated ability to work with and/or lead blended teams, including 3rd party partners and customer personnel.

• Demonstrated Change Management/Acceleration capabilities.

• Strong interpersonal skills, including creativity and curiosity with the ability to effectively communicate and influence across all organizational levels.

• Proven analytical and problem resolution skills.

• Ability to influence and build consensus with other Information Technology (IT) teams and leadership.

Additional Information