Job Description Summary

Job Description

Key Responsibilities

1. Security Architecture Design and Threat Modeling

• Perform security architecture design and threat modeling for OT systems (SCADA DCS PLCs safety systems industrial networks).

2. Security Zoning/Segmentation

• Define security zoning/segmentation (e.g. Purdue model) and secure network architectures between OT and IT.

3. Standards

• Translate IEC 62443 NIST CSF/800-82 and marine classification society requirements (DNV ABS LR etc.) into practical architecture and design patterns for OT systems.
• Familiar with marine Cyber standards regional specific like SOCI in Australia .

4. Security Controls Implementation

• Define and guide the implementation of security controls such as:
  • Secure remote access
  • Identity and access management in OT context
  • Monitoring and logging (SIEM OT IDS)
  • Patch and vulnerability management for OT
  • Backup and recovery/incident response capabilities in industrial environments

5. Risk Assessments and Gap Analyses

• Support security risk assessments and gap analyses for OT assets and environments.

6. Collaboration with Product Teams

• Work closely with product teams engineering and operations to embed security by design into OT solutions.

7. Vendor and Third-party Guidance

• Provide guidance and review of vendor solutions and third-party components for OT cyber security.

8. Incident Response and Cyber Resilience

• Contribute to or lead incident response and post-incident architecture improvements for OT environments.
• Support development and testing of OT incident response and recovery plans.

9. Secure Product Development Lifecycle

• Contribute to secure SDLC practices for OT-related software and systems.

10. Architecture Direction and Governance

• Lead and coordinate domain technical and business discussions relative to future architecture direction across the product portfolio or product line.
• Analyze design and develop a roadmap and implementation plan based upon a current vs. future state in a cohesive architecture viewpoint.
• Review and/or analyze and develop architectural requirements at the domain level within the product portfolio or team.
• Participate in the enterprise architecture domain governance model. Chairing/Participating in design reviews lead security architecture boards.
• Contribute to the development of software and data delivery platforms with reusable components that can be orchestrated together into different methods.
• Lead the research and evaluation of emerging technology industry and market trends to assist in project development and/or operational support activities.

Required Qualifications

• Education:
  • Masters or Bachelors degree in Computer Science Engineering or a related STEM discipline.
• Experience:
  • 15 years of professional experience in cybersecurity including substantial experience with OT/ICS environments and IT/OT convergence.
• Certifications:
  • Required/strong preference:
    • One or more of: CISSP GICSP CISM
    • Demonstrated competence with IEC 62443
  • Preferred:
    • CEH SABSA Practitioner/SCP or equivalent architecture certification

Desired Characteristics

Technical Expertise

• Ability to consult customers on alignment of outcomes and desired technical solutions at an enterprise level.
• Ability to analyze design and develop a software solution roadmap and implementation plan based upon a current vs. future state of the business. Familiar with Cyber Security Standards -IEC62443 NIST IACS E26/27 DNV ABS LR certification requirements.
• Working knowledge of configuration choices and related cost implications; Experience with complex solution configurations. Ability to design cloud and on-prem architectures with desired levels of Cybersecurity requirements.
• Knowledgeable of the full range of solution catalogs within a business unit and able to discuss the overall solution at depth.
• Able to lead early-stage customer interactions; Guide customers as they develop confidence and comfort with approaches and integrate with their legacy tech investments.
• Familiar with usage of Confluence Jira and Project Management tools.
• Experience with OT systems: SCADA DCS PLCs industrial control networks and safety systems.
• Familiarity with common OT protocols (Modbus OPC-UA DNP3 Profinet etc.) and their security implications.
• Experience designing secure architectures for:
  • Industrial networks DMZs and remote access
  • Edge computing and data ingestion from OT to cloud
• Practical application of IEC 62443 (e.g. zone & conduit modeling security levels system requirements).
• Ability to design cloud and on-premises architectures that meet OT and IT cyber security requirements including secure data flows between OT environments and enterprise/cloud systems.

Business Acumen

• Explaining cyber risks and mitigations to non-cyber operations-focused stakeholders.
• Clarify leadership expectations in security governance:
  • Leading security architecture reviews
  • Influencing product roadmaps to embed security
  • Coaching other architects/engineers on OT security best practices
• Proven ability to translate complex OT cyber security risks into clear business impact and actionable mitigation plans for executive and operations audiences.
• Adept at navigating the organizational matrix; understanding peoples roles can foresee obstacles identify workarounds leverage resources and rally teammates.
• Understand how internal and/or external business models work and facilitate active customer engagement.
• Able to articulate the value of what is most important to the business/customer to achieve outcomes.
• Able to produce functional area information in sufficient detail for cross-functional teams to utilize using presentation and storytelling concepts.
• Possess extensive knowledge of the full solution catalog within a business unit and proficiency in discussing each area at an advanced level.
• Six Sigma Green Belt Certification or equivalent quality certification.

Leadership

• Demonstrated working knowledge of the internal organization.
• Foresee obstacles identify workarounds leverage resources rally teammates.
• Demonstrated ability to work with and/or lead blended teams including 3rd party partners and customer personnel.
• Demonstrated Change Management/Acceleration capabilities.
• Strong interpersonal skills including creativity and curiosity with the ability to effectively communicate and influence across all organizational levels.
• Proven analytical and problem resolution skills.
• Ability to influence and build consensus with other Information Technology (IT) teams and leadership.

Additional Information