Cyber Security & Operation Telemetry (OT) - Solutions Architect
Role details
Job location
Tech stack
Job description
The Solutions Architect will play a critical role in designing and delivering secure, scalable, and resilient architectures across all initiatives within the Operational Telemetry (OT) program. This role ensures architectural consistency, security, and alignment with enterprise standards across the full portfolio of OT projects.
Key responsibilities include leading the architectural design for initiatives such as:
- Encryption of Control Data in Transit (ECDT) - ensuring secure data transmission across OT systems.
- Vulnerability Tracking and Remediation (VTR) - enabling proactive identification and mitigation of vulnerabilities.
- Human Machine Interface Hardening (HMIH)
- Zero Trust (ZT)
- Supply Chain Passport Process (SCPP)
- Engineer Laptop Hardening (ELH)
- Data of Last Resort (DLR)
The architect will define and deliver logical and physical architectures, data lineage, integration architecture, application usage, and both high-level and low-level designs. They will also establish support models and ensure alignment with enterprise architecture standards, regulatory requirements, and cybersecurity best practices.
Requirements
Solutions Architecture: Solid hands-on experience designing and implementing enterprise level solutions.
Operational Technology (OT): Ideally 2 years working with OT systems, preferably in industrial or critical infrastructure environments.
Cybersecurity: At least 5 years of experience in Cybersecurity, including risk assessment, threat mitigation, and compliance with industry standards., Deep expertise in Operational Technology (OT) convergence, network segmentation, and system hardening, with practical application across a broad range of OT initiatives including: Encryption of Control Data in Transit (ECDT), ensuring secure data transmission across OT systems Vulnerability Tracking and Remediation (VTR), enabling proactive identification and mitigation of vulnerabilities Human Machine Interface Hardening (HMIH) Zero Trust (ZT) - Network Access Control (NAC), Network Detect and Response (NDR), Endpoint Detect and Response (EDR) Supply Chain Passport Process (SCPP) - 3rd party supplier management framework and platform Engineer Laptop Hardening (ELH) - Windows laptop hardening (CIS Benchmarks), Secure Web Gateway. Data of Last Resort (DLR) - Automated backups & imutable backups Strong understanding of cyber resilience principles and secure configuration practices across diverse OT environments. Proven experience with Multi-Factor Authentication (MFA) and Authentication Domain integration (eg, Microsoft Active Directory, EntraID). Hands-on experience with encryption technologies (IPSEC, TLS, SDWAN) and secure communication protocols. Familiarity with securing OT-specific protocols such as MQTT, DNP3, and others. In-depth knowledge of compliance frameworks including IEC 62443, NIST 800 series, NIS-D, and NCSC Guidelines. Strong grasp of the Purdue model and its application within utility and industrial control environments. Awareness of penetration testing and secure deployment methodologies tailored to OT systems. Demonstrated experience in designing and documenting vulnerability tracking and remediation frameworks that support enterprise-wide OT security.
Desirable:
Experience with SaaS platforms and cloud-based security architecture.
Familiarity with data classification, DLP, and secure data flows.
Experience with Azure DevOps (ADO) for daily work management and reporting.
Experience with Bizz Design Horizon.
