Job Description
Remote; Must be in San Fran with occasional onsite visits.
Position Overview:-
We are seeking an experienced OT Network Security Architect to assess and design secure network architectures for operational technology environments within electric utilities. The candidate will have deep expertise in industrial network segmentation, security tooling, and OT/IT convergence strategies, with a focus on maintaining operational reliability while enhancing security posture.
Primary Responsibilities
- Assess existing OT network architecture and segmentation strategies
- Evaluate industrial firewall deployments & zone-based security controls
- Review Active Directory infrastructure and trust relationships across OT/IT boundaries
- Assess security monitoring capabilities including SIEM implementation and log management
- Evaluate vulnerability management and patch deployment processes for OT assets
- Design secure architecture patterns for OT/IT integration
- Develop network segmentation strategies aligned with Purdue Model and IEC 62443
- Create security architecture roadmaps and implementation guidelines
- Review existing security tools and recommend improvements for OT environment coverage
Required Qualifications
- Minimum 8 years of experience in network security architecture, with at least 5 years focused on OT/ICS environments
- Extensive experience with industrial firewall platforms (Cisco, Palo Alto, Fortinet, etc.)
- Deep knowledge of Active Directory design and security in OT contexts
- Strong background in SIEM technologies and security monitoring architectures
- Experience with vulnerability management tools and patch management systems for OT
- Understanding of NERC-CIP network security requirements
- Proven experience designing DMZ architectures for OT/IT integration
- Knowledge of OT protocols (Modbus, DNP3, IEC 61850, etc.)
- Experience with network segmentation in compliance with IEC 62443
Preferred Qualifications
- Experience with OT security tools (Dragos, Claroty, Nozomi, etc.)
- Background in designing zero-trust architectures for OT environments
- Experience with OT asset management and visibility tools
- Familiarity with cloud security architecture for OT integration
- Background in designing secure remote access solutions for OT
Required Skills
- Strong network architecture design capabilities
- Deep understanding of industrial protocols and their security implications
- Experience with network security tool selection and implementation
- Knowledge of security monitoring and incident response processes
- Ability to create detailed architecture documentation and diagrams
- Experience preparing technical specifications and requirements
- Understanding of OT reliability requirements and their impact on security design
Technical Knowledge Requirements
- Network Security Architectures
- Industrial firewalls and segmentation
- DMZ design and implementation
- Micro-segmentation technologies
- VLANs and network isolation strategies
- Remote access security
- Identity and Access Management
- Active Directory design and security
- Privileged Access Management
- Role-based access control
- Trust relationship management
- Security Monitoring
- SIEM architecture and implementation
- Log management and retention
- Security metric development
- Alert correlation and analysis
- Network monitoring tools
- Vulnerability Management
- Patch management systems
- Vulnerability scanning tools
- Compensating controls
- Risk assessment methodologies
For quick interview and submission, please email me ALL of the following details:
- First and Last name as it appears on your passport:
- Anything we should know about you for presentation (this is our chance to showcase why this consultant is amazing compared to their competition):
- Reason you are looking for a change (detailed explanation or don't bother):
- Communication skills/C-Level interaction (1-10):
- Leadership skills/presence (1-10):
- Hourly rate, all-inclusive:
- US Work Status:
- Resume in MS Word:
- Education and pertinent certs - degree, year, university:
- Availability to start (Remote)
- Email and phone number:
- LinkedIn Profile (must have pic):
- Are you TEAMS/video interview ready (Y/N):
Current location (must be SFO):
Job Tags
Hourly pay, Remote job,