We are seeking a highly experienced Operational Technology (OT) Architect to lead the design, security, and evolution of OT network environments supporting critical infrastructure operations. This role is responsible for establishing secure, scalable, and resilient OT architectures that align with industry standards and organizational cybersecurity strategies. The OT Architect will play a key leadership role in strengthening OT/IT integration, implementing network segmentation, and enhancing cybersecurity controls across industrial environments. This position works closely with engineering, operations, and IT teams to ensure safe, reliable, and secure system operations.
Key Responsibilities
- Design and maintain secure, scalable OT network architectures across multiple operational sites
- Define standards for OT network segmentation aligned with the Purdue Model (ISA-95 / IEC 62443)
- Lead the implementation of OT cybersecurity frameworks and architecture roadmaps
- Develop and maintain architectural documentation, standards, and best practices
- Design and deploy security solutions to protect OT systems, including firewalls, IDS/IPS, endpoint protection, and monitoring platforms
- Architect and implement OT DMZ environments and secure remote access solutions (VPN, MFA, jump hosts)
- Ensure secure integration between IT and OT systems while maintaining appropriate isolation and control
- Design, configure, and oversee OT network infrastructure including Cisco switches, routers, and wireless systems
- Manage firewall technologies (e.g., Fortinet, Palo Alto, WatchGuard) within OT environments
- Support hybrid infrastructure, including on-premise and cloud-based OT systems (e.g., AWS VPC environments)
- Optimize network performance, availability, and resiliency
- Collaborate with engineering and operations teams to integrate PLC, DCS, BMS, and SIS systems securely
- Support connectivity and cybersecurity for industrial protocols such as Modbus, DNP3, OPC UA, Ethernet/IP, and PROFINET
- Ensure secure deployment and operation of process historians and industrial data platforms
- Conduct OT risk assessments, threat modeling, and vulnerability management
- Ensure compliance with cybersecurity standards (NIST CSF, NIST SP 800-82, IEC 62443, ISO 27001)
- Support audit readiness, incident response planning, and disaster recovery initiatives
- Establish and manage process control network (PCN) domains and access controls
- Oversee implementation of monitoring tools (e.g., SIEM, Claroty, Nozomi) for threat detection
- Analyze and respond to security events, incidents, and anomalies
- Lead investigations and drive remediation efforts
- Work cross-functionally with IT, engineering, and operations to ensure alignment and secure integration
- Provide technical guidance and mentorship to OT analysts and engineers
- Engage with vendors and third parties to ensure secure and compliant solutions
- Stay current on emerging OT threats, technologies, and industry best practices
- Drive innovation and modernization initiatives within OT environments
- Assist in the development of training, procedures, and technical documentation
Qualifications
- Bachelor’s degree in Computer Science, Engineering, Information Technology, or a related field
- 3-5 years of experience designing and supporting OT/ICS network infrastructure and cybersecurity
- Strong experience with industrial OT network design and segmentation
- Hands-on expertise with Cisco networking (switches, routers, VLANs, routing protocols)
- Advanced experience with firewall administration and secure network architectures
- Experience with Windows Server environments, virtualization (Hyper-V/VMware), and Active Directory
- Familiarity with cloud networking (AWS VPC, EC2, S3)
- Deep understanding of OT cybersecurity frameworks and standards (NIST, IEC 62443, ISA, ISO)
- Experience with vulnerability management, intrusion detection, and incident response
- Proven experience implementing secure network zoning and access controls
- Experience with PLC, DCS, BMS, and SIS systems (e.g., Rockwell, Emerson, ABB, Honeywell)
- Familiarity with OT monitoring and asset management tools (e.g., Claroty, Nozomi)
- Experience supporting process historians (e.g., AVEVA PI, Canary) is an asset
Key Competencies
- Strong analytical and problem-solving skills
- Excellent communication skills with both technical and non-technical audiences
- Ability to lead complex technical initiatives and influence stakeholders
- Highly organized, detail-oriented, and self-driven
- Strong collaboration skills across multidisciplinary teams
- Commitment to safety and operational excellence
Primus Workforce ltd. provides safety- minded, experienced, professional personnel support throughout the energy, construction and technical trades sectors to our clients' long-term and short-term personnel requirements. We are a growing and dynamic company to work with providing the key to your future success.
