Operational Technology Cybersecurity & Solutions Architect

Henderson Engineers is seeking an Operational Technology (OT) Cybersecurity & Solutions Architect to join our team.  The (OT) Cybersecurity & Solutions Architect Manager is responsible for researching, developing, and incorporating knowledge and best practices in operational technology cybersecurity and solutions architecture throughout external and internal client engagements. They define and communicate a shared technical vision to consulting services clients, conducting cybersecurity planning and assessments, ensuring compliance with industry regulations, providing consultancy services to building owners, and leading a team of cybersecurity and solutions consultants. They safeguard our clients' information assets and ensure that systems and solutions under development are fit for their intended purpose. A key focus of this position is to provide continued support for facilities, ensuring ongoing protection, adaptation of cybersecurity measures, and technical optimization throughout the lifecycle of building systems.

Minimum Qualifications for the Role are:

• Bachelor's degree in cybersecurity, computer science, information technology, information systems, engineering, or a related field is required.
• Minimum 10 years of experience in network and solutions architecture, providing consultancy services to building owners and operators, designing, and overseeing the implementation of scalable, secure, and cost-effective solutions required. Experience should include a minimum of 8 years of relevant experience in OT cybersecurity coupled with at least 5 years being in a leadership or management role, demonstrating a proven track record of technical excellence and strategic influence.
• Relevant cybersecurity certifications are required, such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager) and/or GICSP (Global Industrial Cyber Security Professional).
• Additional relevant industry certifications in network design and/or cloud are required, such as CompTIA Network+, CCNA, CCDP, CCIE, CompTIA Cloud+, Azure and/or AWS).
• Advanced knowledge of cybersecurity principles, techniques, and technologies.
• Proficiency in conducting risk assessments, vulnerability assessments, and threat modeling.
• Experience with security tools and technologies such as firewalls, anti-malware solutions, and intrusion detection and prevention systems (IDPS).
• Advanced experience with programming and/or scripting languages (e.g., C#, SQL).
• Advanced knowledge of API technologies and integration solutions.
• Proficiency with cloud-based technologies, particularly with Amazon AWS, Microsoft Azure and PaaS solutions.
• Experience with network architecture, data architecture, and analytics layer design.
• Familiarity with enterprise data warehouse architectures, data integration, and analytics systems.
• Strong understanding of security architecture, including implementing security measures and ensuring compliance with industry regulations and standards (e.g., NIST, IEC 62443, ISO 27001, PCI-DSS, GDPR).
• Experience in providing ongoing support and maintenance of cybersecurity measures and technical solutions in operational facilities.
• Proficiency with relevant software tools, including Metasploit Framework, Nmap, Bluebeam Revu, and Microsoft Office Suite.
• Excellent leadership and team management skills.
• Strong problem-solving and analytical abilities.
• Exceptional written and verbal communication skills.
• Ability to prioritize and execute multiple tasks in a dynamic environment.
• Team-oriented with the ability to function in a highly collaborative environment as well as work independently.
• High technical aptitude with the ability to learn, understand, and utilize various systems and processes.
• Adaptable to changing work environments, priorities, and organizational needs.
• Self-starter, proactive, and willing to help others as needed.
• Ability to exercise sound judgment in determining priorities.
• Strong organizational and project management skills to handle multiple concurrent assignments in a timely manner.
• Must demonstrate proficiency in all core competencies as described.

Preferred Qualifications:

• Master’s degree is preferred.
• Knowledge of Industry 4.0 is preferred.

Physical & Other Requirements:

• Ability to travel to client sites as required.
• Other duties as assigned.
• Prolonged periods of sitting or standing at a desk and working on a computer.
• Ability to read, write and communicate in English.

Skills and Duties you will be Responsible for while in this role:

Cybersecurity Strategy & Solution Architecture

• Develop and implement comprehensive cybersecurity and technical strategies aligned with clients’ organizational goals and industry best practices.

• Establish and enforce security policies, procedures, and standards specific to our design services, products, and client facilities.
• Lead the design and implementation of secure, scalable, and reliable network architectures and systems, ensuring the protection of critical assets for new and existing facilities.
• Develop and document OT system solutions, ensuring alignment with enterprise standards and frameworks.
• Design OT systems that are scalable, secure, and cost-effective by gaining a deep understanding of the dynamic technology stacks with various degrees of legacy upgrade potential.
• Lead converged OT network design standard practices across internal resources.
• Apply extensive knowledge of network architecture (IT and OT) during client consulting engagements on the front end and through design processes on the back end.

Risk Assessment & Management   

• Guide clients through threat modeling and risk assessments to identify potential security weaknesses in both design and operational phases.

• Maintain the threat model as the primary success indicator throughout design and operational phases.
• Develop and implement risk mitigation strategies to address identified vulnerabilities.

Client Consultancy & Facility Support     

• Provide cybersecurity and technical consultancy services to building owners and operators, identifying specific needs and challenges.
• Develop tailored cybersecurity and technical solutions for client facilities, ensuring systems remain secure and optimized over time.
• Offer continued support and maintenance for cybersecurity measures and technical solutions in facilities, adapting strategies to evolving threats and technologies.
• Conduct regular reviews and updates of cybersecurity measures and technical systems in existing facilities to ensure ongoing compliance and effectiveness.
• Closely collaborate and coordinate facility related control system strategies with other internal and/or external design disciplines such as sustainability, MEP, fire and life safety, lighting, vertical & horizontal transportation (elevators/escalators/people movers), telecom, security, AV etc.

Team Leadership & Development  

• Lead, mentor, and manage a team of cybersecurity and solutions consultants, providing direction and opportunities for professional growth.

• Foster a culture of security awareness, technical excellence, and continuous improvement within the team and organization.
• Collaborate with cross-functional teams to integrate cybersecurity best practices and innovative solutions into all aspects of design, product development, and facility management.

Client Experience       

• Communicate effectively with clients to develop and coordinate cybersecurity and technical requirements and scope of work.
• Maintain proactive communication throughout project cycles, anticipating and addressing client questions and concerns.
• Assist in resolving conflicts involving building owners and representatives, building architects, contractors, and facility managers related to cybersecurity and OT technical matters.

Technology Evaluation & Innovation        

• Influence and drive innovation in operational technology by staying abreast of industry trends and emerging technologies.
• Evaluate and recommend new technologies and methodologies to enhance the company's service offerings and competitive edge.
• Develop and maintain solutions architecture models, templates, standards and procedures that can be used to leverage and optimize capabilities in projects and operations.
• Conduct proof-of-concept initiatives to validate the feasibility of new cybersecurity and OT solutions.
• Evaluate third-party solutions, products, and vendors for compatibility.
• Optimize solutions to be cost-effective by managing resources efficiently.

Integration Strategy & Implementation     

• Research, develop and incorporate knowledge of data exchange methodologies to design and optimize data communications and integration strategies.
• Design and implement integration solutions that connect new systems with existing data and systems.
• Provide internal and external development teams with technical implementation and programming support.

Security & Compliance         

• Define and oversee the implementation of security measures and ensure compliance with industry and regulatory standards to protect sensitive data.
• Develop guidance and recommendations for compliance with relevant standards (e.g., NIST, IEC 62443, ISO 27001, PCI-DSS, GDPR).

Business Development         

• Leverage opportunities and relationships internally across Henderson Companies and externally across the industry to develop business growth.
• Lead and assist in developing and maintaining relationships with strategic partners and clients to support business development activities.
• Participate in client meetings, industry events, and conferences to build professional relationships and stay current with emerging trends in cybersecurity and OT solutions.
• Identify opportunities to expand services, including offering ongoing support and consultancy for facility cybersecurity and technical solutions.

Continuous Learning & Development      

• Stay updated on the latest cybersecurity and technology trends, threats, and best practices.
• Proactively seek opportunities for continuous learning and understanding of industry software and tools relevant to cybersecurity and solutions architecture.
• Share knowledge and updates related to technical and process improvements with peers and leaders.

Project Management  

• Perform project management activities, including managing communications, coordinating scope and schedule, and ensuring project quality.
• Respond to client inquiries and coordinate project delivery with a focus on cybersecurity and technical requirements.
• Support the coordination of design teams to ensure cybersecurity and technical solutions are integrated into all projects and facility operations.