Principal ICS Cyber Architect

About The Position

Requirements

• Demonstrated experience designing one-way dataflow / cross-domain solutions, segmented architectures, or air-gap-adjacent observability patterns
• Experience working with engineering teams on digital I&C, system architecture, or operational technology modernization projects
• Ability to write clear architecture documents, diagrams, and security rationales for engineering and regulatory audiences
• Strong working knowledge of at least two of the following:
• NRC RG 5.71 (Rev. 1) or previous revisions
• DOE 205.1C / NIST 800-53
• NERC CIP (particularly CIP-005, CIP-007, CIP-010)
• IEC 62443
• Proven analytical skills
• Expert knowledge of ICS/OT security principles and regulations
• Ability to influence without authority
• Demonstrated effective decision-making skills
• Ability to explain complex ICS security concepts to non-technical stakeholders
• Translation of cybersecurity risk into operational and safety-relevant terms
• Collaboration with site engineers, operators, regulators, and program leadership
• Serving as technical design authority for OT security initiatives
• Good interpersonal skills: ability to work effectively and cooperatively with all levels of management and staff, affiliated-company employees as well as outside business associates; exhibits a professional manner in dealing with others
• Superior organizational, follow-up, and detail-oriented skills
• Make decisions, solve problems, and exercise excellent judgment
• Work well under pressure and independently prioritize workload, while working on multiple projects
• Ability to research, organize and analyze technical information with particular attention to accuracy and detail
• Proficient using Microsoft Office products, such as Word, Excel and PowerPoint, and industry-standard computer software and databases
• High degree of sensitivity regarding confidential information
• Sufficient fine motor skills for the use of computers, calculators with an ability to withstand repetitive keyboarding for extended periods of time.
• Visual and communications ability adequate to perform the essential functions of the job.
• Ability to kneel, bend and twist at the waist on an occasional basis.
• Ability to reach below shoulder height with regular frequency (desk position) and at or above shoulder height on occasion.
• Ability to push, pull, carry and lift objects weighing up to 10 pounds on a regular basis, and greater weights on an occasional basis.
• Ability to travel by vehicle or aircraft, and ability to safely operate a motor vehicle.
• Bachelor’s degree and 10+ years securing ICS, SCADA, or DCS environments in sectors such as nuclear, DOE, utilities, or other regulated critical infrastructure or equivalent combination of education and experience.
• Ability to pass a background and drug screening.
• Must have identification compliant with the Real ID Act at time of hire.
• Must be able to obtain Department of Energy access badge.

Nice To Haves

• Experience with or exposure to DOE national laboratories, or commercial nuclear sites.
• Familiarity with SMR concepts, advanced reactor designs, or hybrid nuclear/renewables architectures.
• Hands-on experience with tools such as historian platforms, OT monitoring platforms (e.g., Nozomi, Dragos, Tenable OT), or ICS protocol telemetry pipelines.
• Clearance eligibility or existing DOE Q/L clearance.

Responsibilities

• Lead the design and evaluation of tiered ICS network architectures, including segmentation boundaries, safety-critical zones, DMZs, and secure telemetry pathways.
• Develop and document observability models, including log/event flows, historian telemetry, and control-effectiveness evidence pipelines.
• Define and evaluate one-way data movement solutions (e.g., data diodes / unidirectional gateways) for digital I&C and plant monitoring environments.
• Analyze system architectures against NRC RG 5.71 (Rev. 1), DG-5075 draft guidance, Part 53 language, and DOE/NIST expectations.
• Work closely with EPC, operator, and reactor-design partners to support early-phase cyber decisions without disrupting I&C/safety design philosophy.
• Participate in joint architecture working sessions, design reviews, and concept-of-operations development.
• Translate evolving regulatory language into design-enablement artifacts, technical recommendations, and defensible documentation.
• Provide architecture, engineering, and consulting support to existing cyber and infrastructure teams within exiting DOE ICS environments.
• Conduct architecture gap assessments for SMR and other critical infrastructure systems.
• Evaluate ICS logging, anomaly detection, and monitoring models suitable for air-gapped or diode-restricted environments.
• Recommend approaches for incident detection/incident response (ID/IR) that are compatible with segmented nuclear or DOE ICS environments.
• Mentor engineers and analysts on ICS security principles and regulatory expectations.
• Contribute to the development of OSC TS’s observability and diode testbed environments.
• Help shape OSC TS service offerings and deliverables for nuclear and critical-infrastructure clients.
• Perform other duties as appropriate and as assigned.

Benefits

• OSC Technical Solutions offers excellent benefits for eligible employees.
• Benefits include paid holidays, paid time off, 401k with employer match, dental, vision, health insurance plans through the Federal Employee Health Benefits (FEHB) program, as well as life and disability benefits.