Lead - OT/IT – Operations & Compliance

About The Position

Requirements

• Bachelor’s degree in IT, Computer Science, Cybersecurity, Industrial Automation, related field, or equivalent work experience.
• 7+ years of combined IT/OT experience, including 2+ years in industrial cybersecurity or compliance-driven environments (e.g., SCADA, PLCs, DCS, plant operations).
• Strong understanding of NERC CIP compliance, and industrial cybersecurity frameworks (NIST SP 800-82, IEC 62443).
• Hands-on experience with OT infrastructure and cybersecurity controls including: Servers (Windows/Linux), virtualization (VMware/Proxmox), and backup (Commvault/Veeam).
• Network segmentation, firewalls (Fortinet, Palo Alto,), and industrial DMZ design.
• Endpoint protection/EDR platforms (CrowdStrike, Microsoft Defender).
• Asset inventory and monitoring tools (Industrial Defender, Nozomi, Claroty, Dragos).
• Familiarity with identity and access management (Active Directory, Okta, Azure AD), vulnerability scanning and service management (ServiceNow).
• Experience with physical security systems (e.g., CCURE, camera systems, sensors) and supporting compliance documentation.
• Strong analytical, documentation, and communication skills; able to translate technical risks into business terms.

Nice To Haves

• Professional certifications such as CISSP, CISM, GCIP, GICSP, or equivalent.
• Experience supporting or leading NERC CIP audit or evidence collection processes.
• Hands On experience Firewall Rule analysis, Network, Hosting Practical knowledge of risk assessment, incident response, and continuous monitoring in OT networks.
• Background in the utilities, energy, or manufacturing industries.
• Skills & Attributes Strong sense of ownership and accountability — drives initiatives from concept to closure.
• Collaborative communicator who can align IT, OT, and business functions toward shared goals.
• Applies common sense and sound judgment when navigating complex or ambiguous situations.
• Comfortably operating in imperfect environments with legacy systems and resource constraints.
• Balances security imperatives with operational continuity and practical execution.

Responsibilities

• Cybersecurity Strategy & Governance Own and drive the execution of the company’s OT cybersecurity and compliance strategy in alignment with enterprise security and IT/OT convergence objectives.
• Lead the implementation and operation of OT cybersecurity platforms, including asset inventory, vulnerability management, network segmentation, and secure remote/vendor access.
• Develop, maintain, and enforce OT security standards, architecture patterns, and implement guidelines consistent with NERC CIP and industry best practices.
• Establish OT cyber governance forums (e.g., monthly IT/OT Security Steering Committee) to align stakeholders, track risk reduction, and guide strategic decisions.
• Operations, Compliance & Lifecycle Management Ensure IT and OT systems comply with NERC CIP standards, cyber regulations, and internal security policies.
• Lead the execution of patch management, access control, system logging, baseline configuration, and change management across regulated and non-regulated environments.
• Support compliance evidence collection, documentation maintenance, and audit readiness for NERC, NRC, and internal reviews.
• Serve as a technical SME during audits, self-certifications, and remediation activities.
• Architecture, Assessment & Continuous Improvement Participate in the design and validation of cybersecurity architectures that span both IT and OT environments — ensuring practical, fit-for-purpose solutions.
• Plan, coordinate, and execute OT cybersecurity assessments in collaboration with internal teams, third parties, and site engineers.
• Conduct tabletop exercises, incident simulations, and post-event reviews to validate operational readiness and continuous improvement.
• Support incident response, including root cause analysis, containment, and corrective actions.
• Collaboration & Advisory Support Serve as a trusted advisor to plant managers, engineers, and IT teams — balancing risk reduction with operational continuity.
• Lead cross-functional working sessions to align site operations, compliance, and enterprise architecture objectives.
• Manage and scale targeted OT cybersecurity awareness programs tailored for operations personnel.
• Support technology evaluation, RFPs, and integration planning for emerging OT security tools.

Benefits

• Talen Energy offers an exceptional benefits program to its employees. Benefits include comprehensive health, dental, vision, prescription plans, life insurance, and disability insurance. In addition, employees are eligible to participate in Talen Energy’s 401(k) plan. Talen Energy also provides competitive vacation and sick time to its employees.