Information Security Architect - Operational Technology & Industry Control System Security

Recognized internally as the technical authority for Operational Technology (OT) and Industrial Control System (ICS) security, this role designs, implements, and governs security architectures that protect DFA’s manufacturing, processing, and industrial environments. The Information Security Architect ensures the availability, safety, resilience, and integrity of OT systems, while enabling secure integration with enterprise IT platforms. This role applies deep expertise in OT architectures, industrial protocols, and cybersecurity standards to manage cyber risk without disrupting production or compromising safety.

Job Duties and Responsibilities

• Design risk-driven OT cybersecurity architectures and controls that balance cyber risk reduction with operational resilience, system availability, and safety requirements
• Conduct OT-specific cyber risk assessments that translate technical findings into clear, actionable risk statements aligned to safety, availability, and production impact
• Define and maintain OT security architecture standards that reduce material cyber risk, including plant networks, control systems, and IT/OT integration points, aligned with DFA standards and industry best practices
• Advise on risk-based remediation strategies when remediation is constrained by uptime, safety, vendor limitations, or production requirements
• Establish architectural requirements for OT security monitoring and detection to improve risk visibility without disrupting operations
• Serve as a technical escalation and advisory point during OT security incidents, supporting risk-based decision-making and post-incident analysis
• Support post-incident risk reviews to ensure lessons learned are translated into architectural and control improvements
• Act as a trusted advisor to plant operations, engineering, automation, IT, and security leadership on OT cyber risk and design trade-offs
• Support OT cybersecurity risk roadmaps, investment planning, and vendor evaluations by articulating how initiatives reduce operational cyber risk over time

Education and Experience

• Bachelor’s degree in information security, Computer Science, Information Technology, Engineering, or a related discipline, or an equivalent combination of education and relevant manufacturing/OT experience
• 10+ years of progressive experience in information security, OT/ICS security, or IT/OT risk management, with direct exposure to manufacturing or industrial environments
• Demonstrated experience designing, documenting, and implementing security architectures in complex, availability‑critical environments, including development of strategic, tactical, and project‑level security architecture roadmaps
• Experience supporting manufacturing operational technology (OT) such as PLCs, HMIs, SCADA systems, industrial networks, and plant-floor control systems, with an understanding of production uptime, safety, and quality impacts
• Ability to architect security solutions that balance cybersecurity risk, operational safety, system reliability, and production continuity
• Working knowledge of manufacturing‑relevant security frameworks and standards, such as NIST SP 800‑82, ISA/IEC 62443, NIST Cybersecurity Framework, and their practical application in industrial environments
• Experience collaborating with manufacturing engineering, operations, maintenance, and IT teams to integrate security into new and existing production systems. Relevant professional certifications (e.g., CISSP, GICSP, GRID, CISM, or ISA/IEC 62443 certifications) are preferred and may be required during the course of employment

An Equal Opportunity Employer including Disabled/Veterans