OT Cyber Solution Architect

Talent International
Nottingham, United Kingdom
yesterday

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 177K

Job location

Nottingham, United Kingdom

Tech stack

IEEE 802.1X
Computer Security
High-Level Architecture
Network Security
Zero Trust Network Access
System Testing
Network Access Control
Azure Security Center
Operational Systems
Fortinet
SentinelOne Expertise
Service Stack

Job description

We are seeking a reliable, approachable, responsive, and hands-on OT Cyber Solution Architect to take complete technical ownership of a major Zero Trust architecture rollout. The successful contractor will be responsible for owning the design and implementation lifecycle across a complex, safety-critical Operational Technology (OT) environment

You will lead dedicated OT teams and Subject Matter Experts (SMEs), providing clear technical and design direction while ensuring that all solutions are practical, deployable, and heavily aligned with operational and plant-floor constraints.

Key Deliverables and Accountabilities

You will own the complete Zero Trust architecture and design lifecyclefrom initial requirements gathering and POCs to roll-out, deployment, and eventual BAU transition.

Your key outputs will include:

  • High-Level Designs (HLD) and Low-Level Designs (LLD) for a secure, scalable, and resilient OT security fabric.
  • Comprehensive Testing Plans and Strategies.
  • Change Impact Assessments to ensure safe, non-disruptive deployment in safety-critical industrial environments.

Program Workstreams and Technical Scope

The deployment spans across a heavily federated estate and is broken down into three core technical workstreams:

  1. Network Access Control (NAC)
  • Technology Stack: FortiNAC.
  • Objectives: Implement NAC (802.1X) across Layer 2 switches to achieve robust device authentication, posture checking, and dynamic access control/segmentation without disrupting active operations.
  1. Endpoint Detection and Response (EDR)
  • Technology Stack: SentinelOne (for air-gapped endpoints) and Microsoft Defender for Endpoint (MDE) (for internet-exposed endpoints).
  • Objectives: Deploy behavior-based threat detection safely within highly constrained, legacy OT hardware environments.
  1. Network Detection and Response (NDR) + OT Visibility
  • Technology Stack: Claroty + FortiGate + FortiGuard + FortiNAC.
  • Objectives: Establish comprehensive perimeter threat detection, continuous visibility, and native SOC integration.

Requirements

  • OT Security Expertise: Proven track record as a Cyber Security Architect working natively within safety critical industrial environments (e.g., Utilities, Water, Energy, Oil and Gas, or Rail).
  • Lifecycle Ownership: Direct experience writing production-grade HLDs and LLDs, alongside conducting successful Proof of Concepts (POCs) for security tooling.
  • Tooling Mastery: Deep architectural knowledge of at least two of the primary stack components: FortiNAC, Claroty, SentinelOne, or Microsoft Defender for Endpoint (MDE).
  • Framework Alignment: Strong understanding of OT network security segmentation principles (Purdue Model) and industrial standards such as IEC 62443 or the NCSC CAF.

Apply for this position