Posted on: 15/01/2026
Description:
Experience: 10 to 12 Years
Location: Mumbai (On-site/Hybrid)
Industry: Power, Utilities, Renewables, or Manufacturing
Role Summary:
We are seeking a visionary OT Security Architect to lead the defense of our critical infrastructure and industrial environments. In this high-stakes role, you will be responsible for defining and governing the cybersecurity posture across Power Plants, Substations, and Manufacturing facilities. You will bridge the gap between traditional IT security and industrial operations, spearheading IT-OT convergence and the implementation of Zero Trust principles within the OT domain. Your expertise will be critical in designing resilient architectures for SCADA, PLC, DCS, and RTU systems, ensuring they remain protected against evolving cyber threats. The ideal candidate is a subject matter expert in the IEC 62443 standard, capable of conducting deep-dive risk assessments and overseeing the integration of advanced OT security tools like NDR and industrial SOC solutions.
Responsibilities
- Architectural Governance: Design and document secure-by-design OT/ICS architectures for critical systems including SCADA, PLC, DCS, RTU, and BMS.
- Strategic Roadmap Development: Define the long-term OT cybersecurity strategy, establishing standards and roadmaps that align with global industrial benchmarks.
- Convergence & Zero Trust: Lead the strategic integration of IT and OT networks, implementing Zero Trust Security models to eliminate implicit trust within industrial zones.
- IEC 62443 Implementation: Apply the Zone and Conduit model to segment industrial networks, minimizing lateral movement and containing potential breaches.
- Industrial Risk Assessment: Conduct comprehensive OT-specific risk assessments and vulnerability management programs tailored to the unique constraints of real-time operations.
- Security Tool Orchestration: Oversee the deployment and tuning of OT-native security tools, including Network Detection & Response (NDR), specialized IDS, and SIEM/SOC integration.
- Protocol Analysis: Ensure the security of specialized industrial protocols such as Modbus, DNP3, OPC, and PROFINET through deep packet inspection and traffic analysis.
- Incident Response Leadership: Lead OT-centric incident response efforts, ensuring rapid containment and recovery while maintaining operational continuity.
- Compliance Management: Ensure rigorous adherence to international standards including IEC 62443, NIST SP 800-82, and ISO 27001.
- Stakeholder Collaboration: Act as the primary technical liaison between plant operations, R&D, and corporate IT security teams to harmonize security goals.
Technical Requirements
- OT/ICS Pedigree: 10 to 12 years of dedicated experience in OT/ICS cybersecurity within the Power, Utilities, or Manufacturing sectors.
- Deep Protocol Knowledge: Expert-level understanding of industrial communication protocols including Modbus, DNP3, and OPC.
- Standard Mastery: Proven track record of implementing the IEC 62443 framework and NIST 800-82 guidelines.
- Security Engineering: Hands-on experience with industrial firewalls, unidirectional gateways (data diodes), and OT visibility platforms (e.g., Nozomi, Claroty, or Dragos).
- System Familiarity: Strong technical understanding of the hardware and software logic governing PLCs, RTUs, and DCS controllers.
Preferred Skills & Certifications:
- Professional Certifications: GICSP (Global Industrial Cyber Security Professional) or specialized IEC 62443 certifications are highly preferred; CISSP or CISM is a plus.
- Vulnerability Research: Experience with industrial control system vulnerability research or specialized penetration testing.
- Communication Mastery: Ability to articulate complex cyber risks to plant managers and C-suite executives alike.
- Regulatory IQ: Familiarity with regional grid security standards and critical infrastructure protection (CIP) mandates.
- Analytical Problem Solving: Exceptional ability to deconstruct complex, legacy industrial systems to identify non-obvious security gaps.
Posted in: CyberSecurity
Functional Area: Cyber Security
Job Code: 1602030