Operational Technology (OT) Cybersecurity & Infrastructure Specialist

Industry/Sector

Specialism

Management Level

Job Description & Summary

1. IT-OT Infrastructure & Operations

• Design implement and maintain secure IT-OT infrastructure ensuring reliability performance and cyber resilience.
• Provide expert technical support and resolve complex IT-OT integration and security issues to minimize downtime.
• Maintain a comprehensive asset inventory (wired wireless and IIoT) for visibility and configuration management.
• Act as a subject matter expert (SME) in OT security and infrastructure lifecycle management.

2. OT Cybersecurity Governance & Implementation

• Develop implement and enforce cybersecurity policies and standards in alignment with SANS IEC 62443 NIST and CIS frameworks.
• Conduct security assessments audits and compliance reviews across control networks and critical systems.
• Integrate IDS/IPS and SIEM solutions to monitor and detect OT-specific cyber threats.
• Utilize OT cybersecurity monitoring tools (e.g. Dragos Nozomi Claroty Armis) for continuous threat visibility and anomaly detection.
• Use network and infrastructure monitoring platforms (e.g. SolarWinds Zabbix NetBrain) for performance tracking topology mapping and proactive incident management.
• Maintain measurable compliance and security posture reporting for enterprise and regulatory requirements.

3. Secure OT Migration & Deployment (Greenfield / Brownfield Projects)

• Lead secure OT migration initiatives for modernization or technology upgrades.
• Design greenfield OT environments with security integrated from concept to commissioning.
• Assess and retrofit brownfield environments addressing vulnerabilities in legacy systems.
• Develop and execute migration roadmaps aligned with Purdue Model (Levels 05) for secure network segregation.
• Collaborate with engineering and operations teams to ensure secure deployment of new OT technologies.

4. Security Architecture & Purdue Model Segmentation

• Architect secure OT network topologies aligned with the Purdue Enterprise Reference Architecture (PERA).
• Implement network segmentation (zones and conduits) to isolate critical control systems and prevent lateral movement.
• Configure and deploy firewalls VLANs routers and switches using Cisco Palo Alto Networks or equivalent solutions.
• Conduct network segmentation reviews to ensure compliance with IEC 62443 and enterprise policies.
• Develop and document zoning conduit policies and access controls for OT systems.

5. Wireless and IIoT Security

• Design and secure wireless OT communications (Wi-Fi Bluetooth LoRa Zigbee 4G/5G) used in IIoT and industrial telemetry.
• Implement wireless security controls such as 802.1X authentication WPA3-Enterprise and NAC.
• Perform wireless vulnerability assessments to detect rogue access points weak encryption or interference risks.
• Integrate wireless telemetry systems with enterprise SIEM and SOC platforms for unified visibility.

6. Threat Risk and Control Management

• Identify threats vulnerabilities and attack paths specific to industrial control systems and connected OT assets.
• Build security control libraries design patterns and reusable best practices mapped to industry standards.
• Evaluate and optimize existing controls and defense mechanisms to ensure a multi-layered security posture.
• Provide detailed configuration and deployment playbooks for consistent and secure implementation.

7. Integration Collaboration & Continuous Improvement

• Collaborate with IT OT and engineering teams to align cybersecurity architecture with operational and business objectives.
• Identify and remediate security gaps in solution designs ensuring effective risk management.
• Support integration of OT monitoring platforms with enterprise-level analytics and response systems.
• Demonstrate operational excellence and continuous improvement across all project phases and engagements.

Qualifications & Skills:

• Education: Bachelors or Masters in Computer Science Electrical Electronics or Industrial Engineering.
• Experience: 510 years in OT/ICS cybersecurity network engineering or industrial automation.

Certifications (Preferred):

• SANS GICSP GRID GIAC ICS Defender GCIP
• CISSP CISM CEH CompTIA Security / CySA
• ISA/IEC 62443 Expert / Practitioner
• Cisco CCNP Security Palo Alto PCNSE CWSP / CWNA (for wireless OT)

Technical Competencies:

• Deep expertise in ICS/SCADA DCS and PLC systems (e.g. Siemens Rockwell Schneider).
• Proficient in industrial protocols (Modbus DNP3 OPC-UA Profinet EtherNet/IP).
• Experience with network segmentation and Purdue Model architecture (Levels 05).
• Skilled in OT visibility and monitoring tools:
  • Dragos Nozomi Networks Claroty Armis (for OT cybersecurity and asset discovery).
  • SolarWinds Zabbix NetBrain (for network performance monitoring and topology mapping).
• Hands-on experience with firewalls IDS/IPS SIEM NAC and VPNs in OT/industrial environments.
• Knowledge of wireless OT security IIoT device hardening and cloud-connected OT visibility.
• Familiar with risk management threat modeling and incident response for OT systems.

Soft Skills:

• Strong analytical and problem-solving mindset.
• Excellent communication and stakeholder coordination skills.
• Ability to balance security rigor with operational uptime.
• Commitment to security-by-design documentation and continuous improvement.

• Understand the importance of have a correct information management
• Knowledge of Information Security and Data Protection
• Correct Information Security Management

All qualified applicants will receive consideration for employment at PwC without regard to ethnicity; creed; color; religion; national origin; age; disability;neurodiversity; sexual orientation; gender identity or expression; marital; or any other status protected by law. PwC is proud to be an inclusive organization and equal opportunity employer.

Travel Requirements

Job Posting End Date