Cyber Defense Consultant - SME

Design and maintain enterprise security architecture aligned with business, technology, and compliance requirements.
Define security standards, reference architectures, patterns, and guardrails for cloud, network, applications, identity, data, and infrastructure.
Review solution designs and ensure security requirements are embedded from the early design stage.
Conduct security architecture assessments for new systems, platforms, integrations, and transformation programs.
Identify security risks, recommend controls, and support risk treatment plans.
Work with infrastructure, cloud, application, network, IAM, SOC, GRC, and OT teams to ensure secure-by-design implementation.
Translate business and technical requirements into practical security controls.
Support implementation of Zero Trust, defense-in-depth, segmentation, least privilege, secure access, and secure monitoring models.
Define security requirements for third-party integrations, APIs, remote access, cloud workloads, and critical systems.
Support security governance by reviewing exceptions, deviations, and architecture waivers.
Provide technical guidance to project teams during design, build, testing, and deployment phases.
Ensure solutions comply with internal policies, regulatory requirements, and relevant standards such as ISO 27001, NIST, CIS, IEC 62443, and other applicable frameworks.
Collaborate with SOC and operations teams to ensure security logging, monitoring, detection, and response requirements are included in solution designs.
Maintain security architecture documentation, diagrams, decision records, and control mappings.
Stay updated on emerging threats, security technologies, and architecture best practices.

8+ years of experience
Experience with Operational Technology environments, including industrial control systems, SCADA, PLCs, HMIs, engineering workstations, historians, and industrial networks.
Understanding of OT network architecture, Purdue Model, industrial zones and conduits, and IT/OT segmentation.
Experience designing secure remote access solutions for OT vendors, engineers, and support teams.
Knowledge of OT security standards and frameworks, especially IEC 62443, NIST SP 800-82, and relevant critical infrastructure security practices.
Ability to assess OT risks while considering safety, availability, production continuity, and operational constraints.
Experience with OT asset discovery, visibility tools, network monitoring, and passive detection technologies.
Familiarity with industrial protocols such as Modbus, DNP3, OPC, Profinet, EtherNet/IP, BACnet, or similar.
Experience supporting OT vulnerability management, compensating controls, and risk-based remediation.
Ability to design secure OT network segmentation, firewall rules, jump servers, DMZ architecture, and controlled data flows between IT and OT.
Knowledge of secure backup, disaster recovery, patching constraints, and lifecycle management for OT systems.
Experience working with plant operations, engineering teams, automation vendors, SOC, and cybersecurity teams.
Ability to balance cybersecurity requirements with operational safety, uptime, and site-specific limitations.
Experience supporting OT incident response planning, tabletop exercises, and security monitoring use cases.
Understanding of physical security, safety systems, and their relationship with cybersecurity in industrial environments.
Experience preparing OT security documentation, architecture diagrams, risk assessments, and remediation roadmaps.

Similar jobs

No similar jobs found

Term of use Privacy policy