AVP, Team Lead, Cyber-Physical Systems (CPS) Security & Resiliency (Power Sector)

About The Position

Requirements

• BS degree in Engineering, Computer Science, Information Systems, Cybersecurity, or a related field and 10 years of related experience
• Minimum of 10 years of business leadership experience in cyber-physical systems, OT/ICS, infrastructure security, or resilience.
• Minimum of 10 years of experience delivering advisory services (strategy, governance, road mapping, program development, compliance) into cyber-physical system OT, ICS, and SCADA environments.
• Minimum years of OT or ICS experience in consulting, engineering, or cyber-physical environments.
• Proven track record of growth, building, and scaling capabilities inside large engineering (AEC), EPC, or infrastructure organizations.
• Proven ability to translate risk into executive-level decision frameworks and business outcomes.
• Experience working across matrixed organizations with multiple business lines and stakeholders.
• Advanced knowledge of relevant CPS, OT, and cyber risk frameworks and regulatory constructs applicable to cyber-physical systems within critical infrastructure environments.
• Strong communication skills with experience developing client-facing reports, strategies, roadmaps, and presentations.
• Deep understanding of Power sector systems and the operational realities of infrastructure delivery.

Nice To Haves

• Master of Business Administration (MBA) preferred
• 15 years of OT or ICS experience in consulting, engineering, or cyber-physical environments.
• Cyber-physical training or certifications are preferred, e.g. – C|CISO, GICSP, CISSP
• Consequence-focused training for Physical & Digital Infrastructure, e.g. Consequence-Driven, Cyber-Informed Engineering (CCE ACCELERATE)
• AI-governance and/or AI-risk related training
• 15 years of P&L ownership experience
• Previous experience developing CPS service offerings
• Previous experience developing and managing CPS-related managed services
• Industry voices and distinction preferred, e.g. – Previously published in industry journals.
• Previous conference speaking engagements.
• Participated in various media such as TV, radio, podcasts, and webinars.

Responsibilities

• Establish the CPS Security & Resilience practice for the Power sector
• Develop and execute go-to-market, recruitment, and top- and bottom-line growth strategies for the CPS Security & Resiliency workstream
• Support strategic pursuits and key accounts from the cyber-physical resiliency lens, where CPS risk influences project outcomes or client confidence.
• Engage client executives, boards, and regulators on system-level risk, resilience, and governance.
• Act as a strategic partner to leadership on infrastructure resilience, reliability, and operational risk
• Advise clients on cyber-physical risk and resiliency implications of AI-enabled grid modernization, automation, DER integration, advanced protection schemes, and digitally enabled control environments
• Oversee and guide the development of reusable tools, templates, frameworks, and best practices for CPS Security & Resiliency
• Partner closely with Advisory leadership to align CPS services with broader operational, digital, and risk advisory offerings
• Coordinate with existing IT, OT, and cyber resources across AECOM to avoid duplication and fragmentation
• Work closely with senior leadership to shape AECOM’s CPS Security & Resilience offerings and expand market presence
• Lead project workstreams while teaching and mentoring junior staff
• Support capture and proposal activities, including developing scopes of work, methodologies, and strategic content
• Build and maintain strong client relationships to identify new opportunities and ensure successful delivery
• Serve as a bridge between technical specialists and executive-level client discussions
• Lead OT engagements related to cyber-physical systems
• Lead client engagements addressing AI-enabled CPS risk, resilience, and governance across CPS/OT and CPS/IT environments, including model risk, autonomy, decision authority, and failure propagation into physical systems
• Lead cybersecurity assessments, vulnerability analyses, and program reviews to help clients identify risks and prioritize improvements
• Conduct maturity assessments, risk evaluations, gap analyses, and policy reviews to help clients define long-term CPS/OT and CPS/IT strategies
• Develop OT governance models, operational frameworks, and investment plans that guide clients through modernization and lifecycle planning
• Facilitate workshops, interviews, and stakeholder meetings to gather requirements and translate them into strategic recommendations
• Embed CPS risk considerations into pursuits, delivery models, and client engagements
• Develop OT and ICS cybersecurity programs aligned with frameworks such as NIST CSF, NERC CIP, and IEC 62443
• Prepare guidance for OT security controls, monitoring approaches, segmentation strategies, governance, and compliance
• Provide industry leadership and guidance on CPS/OT and CPS/IT security & resiliency, promoting alignment with enterprise risk management, regulatory expectations, and delivery realities
• Advise clients on CPS architecture concepts, technology options, integration considerations, and migration strategies
• Oversee and guide master planning for CPS, including AI-enabled CPS, grid modernization, SCADA and EMS/DMS evolution, advanced automation, digital substations, and next-generation OT and CPS/IT architectures
• Evaluate operational risks and recommend solutions that improve resiliency, reliability, and worker safety in CPS/OT environments

Benefits

• medical
• dental
• vision
• life
• AD&D
• disability benefits
• paid time off
• leaves of absences
• voluntary benefits
• perks
• flexible work options
• well-being resources
• employee assistance program
• business travel insurance
• service recognition awards
• retirement savings plan
• employee stock purchase plan