Senior OT/ICS Cybersecurity Architect - Industrial Control Systems Security

Description

Dragonfli Group is a cybersecurity and IT consulting firm based in Washington, DC, serving both federal agencies and large commercial enterprises. We specialize in delivering mission-focused security solutions that help organizations safeguard critical systems, protect sensitive data, and enable resilient digital transformation.

We are seeking a Senior OT/ICS Cybersecurity Architect to join our consulting practice in support of a large commercial enterprise. This is a remote opportunity with occasional travel to client sites (primarily in the Houston region).

In This Role, You Will:

• Serve as the trusted security architect guiding industrial organizations through the complexities of Operational Technology (OT) and Industrial Control Systems (ICS) cybersecurity.
• Lead the design and implementation of secure architectures for SCADA, DCS, and PLC-based environments, ensuring safe, resilient, and compliant industrial operations.
• Partner with cross-functional IT and OT teams to close security gaps, integrate tools, and align operational risk management with industry standards such as NIST 800-82 and IEC 62443.
• Deploy and optimize leading security solutions including Claroty for asset discovery and vulnerability management, Palo Alto and Cradlepoint for secure networking, CrowdStrike for monitoring, BeyondTrust for privileged access, and Splunk/ServiceNow for visibility and incident management.
• Conduct consequence-based risk assessments, oversee vulnerability remediation programs, and ensure readiness for regulatory audits.
• Drive incident response preparedness by creating OT-specific playbooks and coordinating joint exercises across IT and OT teams.
• Deliver policies, training, and workshops that empower plant operators, engineers, and third-party vendors to uphold a strong cybersecurity posture.

This is a senior consulting position requiring both deep technical knowledge and strong leadership skills. The ideal candidate will have 7–10+ years of hands-on OT/ICS cybersecurity experience, demonstrated expertise in designing secure architectures, and the ability to communicate effectively with executives, engineers, and client stakeholders alike.

Key Responsibilities:

OT/ICS Security Architecture & Design

• Lead the design and implementation of OT/ICS cybersecurity architectures, including network segmentation, secure remote access, and integration with IT security controls.
• Develop and document security reference architectures, blueprints, and roadmaps tailored to client environments and industry standards (e.g., NIST 800-82, IEC 62443).
• Evaluate, select, and deploy OT/ICS cybersecurity technologies, with hands-on experience in:
• Claroty for OT asset discovery and vulnerability management
• Palo Alto and Cradlepoint for firewall configuration, segmentation, and secure connectivity
• CrowdStrike for OT monitoring and threat detection
• BeyondTrust for privileged secure remote access management
• Familiarity with other vendor tools such as Cisco (network security), ServiceNow (ticketing and workflow integration), Splunk (SIEM/log analytics), Crowdstrike (Falcon Discover for IoT) and TxOne (OT endpoint protection)
• Conduct security acceptance testing and validation of new or updated OT systems to ensure compliance with security requirements and industry best practices.

Risk Assessment & Vulnerability Management

• Perform consequence-based risk assessments for OT environments, utilizing methodologies such as Cyber Process Hazards Analysis (Cyber PHA) to identify, analyze, and prioritize cyber risks.
• Lead vulnerability management efforts for OT/ICS assets, including the use of Claroty for vulnerability identification, risk scoring, and remediation planning.
• Support clients in achieving regulatory compliance and readiness for audits related to OT/ICS cybersecurity.

Incident Response & Monitoring

• Design and implement OT/ICS security monitoring solutions, leveraging tools such as CrowdStrike for endpoint and network monitoring, and Splunk for log aggregation and analytics.
• Collaborate with IT and OT teams to develop and test incident response plans specific to industrial environments.
• Integrate monitoring and alerting workflows with ServiceNow for streamlined incident management.

Governance, Policy, and Training

• Develop and update OT/ICS cybersecurity policies, standards, procedures, and job aids.
• Deliver training and awareness programs for client personnel, including plant operators, engineers, and third-party vendors.
• Advise clients on governance frameworks and best practices for OT/ICS cybersecurity program development and maturity assessments.

Client Engagement & Leadership

• Serve as a subject matter expert in client meetings, workshops, and presentations, especially regarding the deployment, integration, and optimization of OT/ICS security tools.
• Lead project teams, mentor junior staff, and contribute to business development activities such as proposal writing and solution development.
• Stay current on emerging OT/ICS threats, vulnerabilities, and technologies, and share insights with clients and internal teams.

Requirements

Required Qualifications

• Bachelor’s degree in Engineering, Computer Science, Information Security, or related field.
• 7+ years of experience in OT/ICS cybersecurity, including hands-on experience with industrial control systems (e.g., SCADA, DCS, PLCs) in sectors such as oil & gas, energy, utilities, or manufacturing.
• 4+ years of demonstrated experience designing and implementing OT/ICS security architectures and controls using tools such as Claroty, Palo Alto, Cradlepoint, CrowdStrike, BeyondTrust PRA, and familiarity with Cisco, ServiceNow, Splunk, and TxOne.
• Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve, primarily within the Houston region.

Preferred Qualifications

• Advanced degree preferred.
• Professional certifications such as GICSP, CISSP, CISM, ISA/IEC 62443, or equivalent.
• Strong knowledge of OT/ICS protocols (e.g., Modbus, DNP3, OPC, Profibus), network architectures, and common vulnerabilities.
• Experience with cloud-based OT/ICS security solutions and IT/OT convergence initiatives.
• Experience with OT/ICS cybersecurity technologies for asset discovery, vulnerability management, network monitoring, endpoint protection, and privileged access management.
• Familiarity with industry standards and frameworks (e.g., NIST 800-82, IEC 62443, NERC CIP).
• Experience conducting risk assessments, vulnerability management, and incident response in OT environments.
• Strong communication skills, with the ability to present complex technical concepts to both technical and non-technical audiences.
• Demonstrated leadership in project delivery and client engagement.
• Prior consulting experience with a focus on critical infrastructure or industrial sectors.
• Experience developing and delivering OT/ICS cybersecurity training programs.

Skill(S)

None

Benefits

Insurance - Health, Dental, & Vision

PTO & 11 Federal Holidays

401(K) Employer Match

Travel

None