Industrial Automation and Control System Cybersecurity Group Lead

About the Job:

We are seeking a highly skilled IACS/OT Cybersecurity Consultant Group Lead to join our growing team. The ideal candidate will develop, guide, and mentor a growing team and actively engage in project work, ensuring high-quality delivery as our team expands. This dual role requires both strategic oversight and hands-on involvement to drive success. This candidate will be able to provide expert advisory and technical support to help clients design, implement, and maintain robust cybersecurity solutions for Industrial Automation and Control Systems (IACS) and Operational Technology (OT) environments. This role involves conducting risk assessments, designing secure network architectures, and implementing strategies to ensure the security, safety, and operational continuity of critical industrial processes.

What You’ll Do:

• Lead a team to conduct cybersecurity risk and vulnerability assessments for IACS/OT environments, including SCADA, DCS, and IIoT systems, ensuring compliance with industry standards (e.g., IEC 62443, NIST SP 800-82).
• Design, implement, and maintain cybersecurity controls and solutions (e.g., firewalls, network segmentation, anti-virus, and application whitelisting) tailored to industrial control systems.
• Develop and execute incident response plans, disaster recovery strategies, and post-event analysis to ensure quick and efficient recovery from cybersecurity breaches.
• Recommend and implement secure OT network designs and protocols, such as zones and conduits, for optimal data transfer, security, and operational efficiency.
• Provide consulting services to clients, guiding them in enhancing cybersecurity maturity, developing cybersecurity frameworks, and ensuring the secure deployment of IACS/OT systems.
• Ensure all cybersecurity measures meet industry regulations, including NIST, IEC 62443, NERC CIP, and other relevant standards.
• Develop and deliver cybersecurity awareness and training programs tailored to ICS/OT environments, ensuring clients’ personnel understand best practices and risk mitigation strategies.
• Prepare technical and non-technical documentation, including risk assessments, mitigation plans, and cybersecurity policy recommendations, for various stakeholders.
• Lead and collaborate with cross-functional teams, helping clients implement cybersecurity best practices while driving team efforts toward project success.

Job Requirements:

• Bachelor's or Master's degree in Automation, Electronics, Computer Science (IT), or related fields, or equivalent experience in IT/OT cybersecurity.
• 7+ years in IACS/OT cybersecurity, including 3+ years in a leadership role, and 10+ years overall in IT/OT cybersecurity, preferably in the chemical/process industry or consulting.
• Demonstrated success within a cybersecurity consultancy context, with proven ability to attract, acquire, and develop client relationships.
• Proficient in designing, commissioning, and maintaining IACS systems such as SCADA, EMS, DCS, RTU, BPCS, and PLCs, and in troubleshooting industrial protocols like OPC, Modbus TCP, and HART.
• In-depth knowledge of cybersecurity standards such as IEC 62443/ISA 99, NIST SP 800-82, and NERC CIP.
• Familiar with sensor technologies and characteristics Safety Instrumented System (SIS) model validation calculations, including SIL, reliability, and availability assessments.
• Experience in the conceptual and detailed design of control and information systems, including developing Cybersecurity Requirements Specifications (CRS) and client work packages.
• Knowledgeable in defining system architecture layouts, zones, conduits, flow models, and vulnerability analysis to reduce cybersecurity risks in IACS environments.
• Capable of recommending communication media, network architecture, protocols, and designing efficient data transfer methodologies to ensure IACS reliability and security.
• Able to provide IACS/OT security consulting services and implement security strategies to mitigate cybersecurity risks and optimize system performance.
• Experienced in IACS/OT cyber-incident response planning, countermeasures, post-event recovery, and CRS documentation.
• Proven ability to lead teams researching, designing, developing, and modifying control systems for industrial processes, ensuring compliance with safety and performance standards.
• Strong written and verbal communication skills, able to produce technical and non-technical documents for diverse audiences. Holding cybersecurity certifications (e.g., CSSA, CACE, CISSP) is an asset.
• Ability/willingness for frequent travel (on average 25-50%) within the US, with occasional international travel for client work and conferences. A valid driver's license is required.

Preferred Qualifications:

• Experience in OT/IACS cybersecurity within industries such as manufacturing, oil and gas, hydrogen production, utilities, or transportation.
• Hands-on experience with incident response and cybersecurity audits in industrial environments.
• Understanding of the unique requirements and constraints of IACS/OT environments compared to traditional IT systems.