Senior OT/ICS Cybersecurity Architect - Industrial Control Systems Security

Description Dragonfli Group is a cybersecurity and IT consulting firm based in Washington, DC, serving both federal agencies and large commercial enterprises. We specialize in delivering mission-focused security solutions that help organizations safeguard critical systems, protect sensitive data, and enable resilient digital transformation. We are seeking a Senior OT/ICS Cybersecurity Architect to join our consulting practice in support of a large commercial enterprise. This is a remote opportunity with occasional travel to client sites (primarily in the Houston region). In this role, you will: • Serve as the trusted security architect guiding industrial organizations through the complexities of Operational Technology (OT) and Industrial Control Systems (ICS) cybersecurity. • Lead the design and implementation of secure architectures for SCADA, DCS, and PLC-based environments, ensuring safe, resilient, and compliant industrial operations. • Partner with cross-functional IT and OT teams to close security gaps, integrate tools, and align operational risk management with industry standards such as NIST 800-82 and IEC 62443. • Deploy and optimize leading security solutions including Claroty for asset discovery and vulnerability management, Palo Alto and Cradlepoint for secure networking, CrowdStrike for monitoring, BeyondTrust for privileged access, and Splunk/ServiceNow for visibility and incident management. • Conduct consequence-based risk assessments, oversee vulnerability remediation programs, and ensure readiness for regulatory audits. • Drive incident response preparedness by creating OT-specific playbooks and coordinating joint exercises across IT and OT teams. • Deliver policies, training, and workshops that empower plant operators, engineers, and third-party vendors to uphold a strong cybersecurity posture. This is a senior consulting position requiring both deep technical knowledge and strong leadership skills. The ideal candidate will have 7–10+ years of hands-on OT/ICS cybersecurity experience, demonstrated expertise in designing secure architectures, and the ability to communicate effectively with executives, engineers, and client stakeholders alike. Key Responsibilities: OT/ICS Security Architecture & Design • Lead the design and implementation of OT/ICS cybersecurity architectures, including network segmentation, secure remote access, and integration with IT security controls. • Develop and document security reference architectures, blueprints, and roadmaps tailored to client environments and industry standards (e.g., NIST 800-82, IEC 62443). • Evaluate, select, and deploy OT/ICS cybersecurity technologies, with hands-on experience in: • Claroty for OT asset discovery and vulnerability management • Palo Alto and Cradlepoint for firewall configuration, segmentation, and secure connectivity • CrowdStrike for OT monitoring and threat detection • BeyondTrust for privileged secure remote access management • Familiarity with other vendor tools such as Cisco (network security), ServiceNow (ticketing and workflow integration), Splunk (SIEM/log analytics), Crowdstrike (Falcon Discover for IoT) and TxOne (OT endpoint protection) • Conduct security acceptance testing and validation of new or updated OT systems to ensure compliance with security requirements and industry best practices. Risk Assessment & Vulnerability Management • Perform consequence-based risk assessments for OT environments, utilizing methodologies such as Cyber Process Hazards Analysis (Cyber PHA) to identify, analyze, and prioritize cyber risks. • Lead vulnerability management efforts for OT/ICS assets, including the use of Claroty for vulnerability identification, risk scoring, and remediation planning. • Support clients in achieving regulatory compliance and readiness for audits related to OT/ICS cybersecurity. Incident Response & Monitoring • Design and implement OT/ICS security monitoring solutions, leveraging tools such as CrowdStrike for endpoint and network monitoring, and Splunk for log aggregation and analytics. • Collaborate with IT and OT teams to develop and test incident response plans specific to industrial environments. • Integrate monitoring and alerting workflows with ServiceNow for streamlined incident management. Governance, Policy, and Training • Develop and update OT/ICS cybersecurity policies, standards, procedures, and job aids. • Deliver training and awareness programs for client personnel, including plant operators, engineers, and third-party vendors. • Advise clients on governance frameworks and best practices for OT/ICS cybersecurity program development and maturity assessments. Client Engagement & Leadership • Serve as a subject matter expert in client meetings, workshops, and presentations, especially regarding the deployment, integration, and optimization of OT/ICS security tools. • Lead project teams, mentor junior staff, and contribute to business development activities such as proposal writing and solution development. • Stay current on emerging OT/ICS threats, vulnerabilities, and technologies, and share insights with clients and internal teams. Requirements Required Qualifications • Bachelor’s degree in Engineering, Computer Science, Information Security, or related field. • 7+ years of experience in OT/ICS cybersecurity, including hands-on experience with industrial control systems (e.g., SCADA, DCS, PLCs) in sectors such as oil & gas, energy, utilities, or manufacturing. • 4+ years of demonstrated experience designing and implementing OT/ICS security architectures and controls using tools such as Claroty, Palo Alto, Cradlepoint, CrowdStrike, BeyondTrust PRA, and familiarity with Cisco, ServiceNow, Splunk, and TxOne. • Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve, primarily within the Houston region. Preferred Qualifications • Advanced degree preferred. • Professional certifications such as GICSP, CISSP, CISM, ISA/IEC 62443, or equivalent. • Strong knowledge of OT/ICS protocols (e.g., Modbus, DNP3, OPC, Profibus), network architectures, and common vulnerabilities. • Experience with cloud-based OT/ICS security solutions and IT/OT convergence initiatives. • Experience with OT/ICS cybersecurity technologies for asset discovery, vulnerability management, network monitoring, endpoint protection, and privileged access management. • Familiarity with industry standards and frameworks (e.g., NIST 800-82, IEC 62443, NERC CIP). • Experience conducting risk assessments, vulnerability management, and incident response in OT environments. • Strong communication skills, with the ability to present complex technical concepts to both technical and non-technical audiences. • Demonstrated leadership in project delivery and client engagement. • Prior consulting experience with a focus on critical infrastructure or industrial sectors. • Experience developing and delivering OT/ICS cybersecurity training programs. Skill(s) None Benefits Insurance - Health, Dental, & Vision PTO & 11 Federal Holidays 401(k) employer match Travel None Apply tot his job