Summary: The Cyber Security Solutions Architect role focuses on designing and implementing secure, scalable architectures for Operational Technology (OT) systems, primarily in industrial or critical infrastructure environments. The position requires extensive experience in cybersecurity, risk assessment, and compliance, with a strong emphasis on operational technology convergence. The architect will lead various initiatives to enhance security measures across OT projects, ensuring alignment with enterprise standards and best practices. This role is mostly remote, with the client based in Reading.
Key Responsibilities:
- Lead architectural design for initiatives including Encryption of Control Data in Transit (ECDT), Vulnerability Tracking and Remediation (VTR), Human Machine Interface Hardening (HMIH), Zero Trust (ZT), Supply Chain Passport Process (SCPP), Engineer Laptop Hardening (ELH), and Data of Last Resort (DLR).
- Define and deliver logical and physical architectures, data lineage, integration architecture, application usage, and both high-level and low-level designs.
- Establish support models and ensure alignment with enterprise architecture standards, regulatory requirements, and cybersecurity best practices.
- Ensure architectural consistency, security, and alignment with enterprise standards across the full portfolio of OT projects.
Key Skills:
- Solid hands-on experience in Solutions Architecture.
- At least 2 years of experience working with Operational Technology (OT) systems.
- A minimum of 5 years of experience in Cybersecurity, including risk assessment and threat mitigation.
- Deep expertise in OT convergence, network segmentation, and system hardening.
- Strong understanding of cyber resilience principles and secure configuration practices.
- Proven experience with Multi-Factor Authentication (MFA) and Authentication Domain integration.
- Hands-on experience with encryption technologies and secure communication protocols.
- Familiarity with compliance frameworks including IEC 62443 and NIST 800 series.
- Knowledge of the Purdue model and its application in utility and industrial control environments.
- Experience with SaaS platforms and cloud-based security architecture is desirable.
Salary (Rate): undetermined
City: undetermined
Country: United Kingdom
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Cyber Security (OT) - Solutions Architect - mostly remote (client in Reading)
Skills/experience:
- Solutions Architecture: Solid hands-on experience designing and implementing enterprise level solutions.
- Operational Technology (OT) : Ideally 2 years working with OT systems, preferably in industrial or critical infrastructure environments.
- Cybersecurity : At least 5 years of experience in Cybersecurity, including risk assessment, threat mitigation, and compliance with industry standards.
The Solutions Architect will play a critical role in designing and delivering secure, scalable, and resilient architectures across all initiatives within the Operational Telemetry (OT) program. This role ensures architectural consistency, security, and alignment with enterprise standards across the full portfolio of OT projects.
Key responsibilities include leading the architectural design for initiatives such as:
- Encryption of Control Data in Transit (ECDT) - ensuring secure data transmission across OT systems.
- Vulnerability Tracking and Remediation (VTR) - enabling proactive identification and mitigation of vulnerabilities.
- Human Machine Interface Hardening (HMIH)
- Zero Trust (ZT)
- Supply Chain Passport Process (SCPP)
- Engineer Laptop Hardening (ELH)
- Data of Last Resort (DLR)
The architect will define and deliver logical and physical architectures, data lineage, integration architecture, application usage, and both high-level and low-level designs. They will also establish support models and ensure alignment with enterprise architecture standards, regulatory requirements, and cybersecurity best practices.
Tech & Domain Skills:
Required Skills and Experience:
- Deep expertise in Operational Technology (OT) convergence, network segmentation, and system hardening, with practical application across a broad range of OT initiatives including:
- Encryption of Control Data in Transit (ECDT), ensuring secure data transmission across OT systems
- Vulnerability Tracking and Remediation (VTR), enabling proactive identification and mitigation of vulnerabilities
- Human Machine Interface Hardening (HMIH)
- Zero Trust (ZT) - Network Access Control (NAC), Network Detect and Response (NDR), Endpoint Detect and Response (EDR)
- Supply Chain Passport Process (SCPP) - 3rd party supplier management framework and platform
- Engineer Laptop Hardening (ELH) - Windows laptop hardening (CIS Benchmarks), Secure Web Gateway.
- Data of Last Resort (DLR) - Automated backups & imutable backups
- Strong understanding of cyber resilience principles and secure configuration practices across diverse OT environments.
- Proven experience with Multi-Factor Authentication (MFA) and Authentication Domain integration (eg, Microsoft Active Directory, EntraID).
- Hands-on experience with encryption technologies (IPSEC, TLS, SDWAN) and secure communication protocols.
- Familiarity with securing OT-specific protocols such as MQTT, DNP3, and others.
- In-depth knowledge of compliance frameworks including IEC 62443, NIST 800 series, NIS-D, and NCSC Guidelines.
- Strong grasp of the Purdue model and its application within utility and industrial control environments.
- Awareness of penetration testing and secure deployment methodologies tailored to OT systems.
- Demonstrated experience in designing and documenting vulnerability tracking and remediation frameworks that support enterprise-wide OT security.
Desirable:
- Experience with SaaS platforms and cloud-based security architecture.
- Familiarity with data classification, DLP, and secure data flows.
- Experience with Azure DevOps (ADO) for daily work management and reporting.
- Experience with Bizz Design Horizon.
