IT Cyber Security Architect, Plant Infrastructure

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• A minimum of 7-10 years of experience in cybersecurity architecture with a focus on OT environments, compliance, NERC CIP standards, and network design.
• Profound knowledge of NERC CIP requirements and their practical application in energy/utility sectors.
• Strong expertise in designing and implementing security solutions in complex OT environments especially in the renewables industry.
• In-depth understanding of network protocols, architecture, and segmentation strategies.
• Professional certifications such as CISSP, CISM, CRISC, or relevant vendor-specific certifications (e.g., Cisco CCIE, Palo Alto PCNSE) preferred.
• Proven experience with security frameworks such as NIST Cybersecurity Framework, ISA/IEC 62443, or ISO 27001.
• Excellent communication skills, both written and verbal, with the ability to articulate technical concepts to non-technical stakeholders.

Responsibilities

• Develop and execute holistic cybersecurity strategies tailored to the unique challenges of Operational Technology environments, focusing on protecting critical assets, ensuring availability, and preventing unauthorized access.
• Stay abreast of relevant regulations and standards, particularly NERC CIP (Critical Infrastructure Protection) standards, and ensure the organization's systems, processes, and procedures are aligned with compliance requirements.
• Design, review, and enhance network architectures for both IT and OT environments, incorporating security measures that prevent unauthorized intrusion, data breaches, and other cyber threats.
• Conduct thorough risk assessments to identify vulnerabilities and potential threats within the OT landscape. Translate findings into actionable security recommendations and solutions.
• Lead the deployment of advanced security solutions, including intrusion detection systems, firewalls, access controls, and encryption mechanisms, to safeguard critical infrastructure.
• Collaborate with cross-functional teams, including IT, operations, engineering, and compliance, to align cybersecurity initiatives with business goals, operational needs, and regulatory requirements.
• Develop and maintain robust incident response plans specific to OT environments. Coordinate with incident response teams to ensure a swift and effective response to security incidents.
• Raise awareness and provide training to employees, contractors, and partners about OT cybersecurity best practices, policies, and procedures.
• Evaluate the security posture of third-party vendors and partners, ensuring that their solutions and services meet cybersecurity standards.