What are the responsibilities and job description for the Cybersecurity Architect - Operational Technology (OT) position at Spiral Networks Inc?
Cybersecurity Architect - Operational Technology (OT) & Information Technology (IT)
Work Location: Remote (Onsite - 1 time a month)
Work Hours: 40 hours per week
Pay Rate: $70 per hour on C2C - all-in
$58 per hour on W2 - all-in
The Cybersecurity Architect will serve a critical role in coordinating and executing advanced cybersecurity assessment, remediation, and architecture for Operational Technology (OT) and IT systems supporting the demanding and high-stakes environment of World Trade Center operations. This position requires a strong technical background in OT/IT security, expert knowledge of building management systems (BMS) and physical security technologies, and proven experience working within government consulting or public-sector environments. The Architect will protect mission-critical systems and data, drive compliance, and lead technical teams to implement security strategies that align with agency policy and strategic objectives.
Key Responsibilities:
OT/IT Cybersecurity Assessment & Remediation
- Lead vulnerability and risk assessments for complex IT/OT environments, including Industrial Control Systems (ICS), Building Management Systems (BMS), physical security technologies (e.g., CCTV, access control), applications, and underlying network infrastructure.
- Coordinate and manage vulnerability scanning activities, generate detailed vulnerability reports, and drive cybersecurity remediation efforts in coordination with property management, system owners, and operations teams.
- Develop and implement forensic evaluation principles, models, and plans to support post-incident analysis and continuous security improvement.
- Coordinate with the Security Operations Center (SOC) and Technology Department CISO to manage and execute cybersecurity incident response workflows and procedures.
- Identify and document End-of-Life (EoL) physical assets within the OT/IT landscape and recommend mitigation and replacement strategies.
Technical Architecture & Compliance
- Review and provide expert security guidance on system design submittals, ensuring all new and modified OT/IT systems meet stringent security standards and agency requirements.
- Develop technical security strategies and countermeasures for malware protection, endpoint detection and response (EDR), and network segmentation for systems both on-premises and off-network.
- Ensure departmental IT requirements and security posture are aligned with agency-level cybersecurity strategy, leveraging and protecting information technology assets effectively.
- Document current and future-state IT/OT architecture using logical working models and views to illustrate efficient, sustainable, and adaptable security solutions.
Project Management & Stakeholder Engagement
- Serve as a technical lead and subject matter expert on high-priority cybersecurity projects, planning and scheduling project timelines, milestones, and deliverables using appropriate tools (e.g., Microsoft Project).
- Communicate project expectations, risks, and progress to executive stakeholders and technical teams in a timely and clear fashion, delivering high-quality progress reports and presentations.
- Proactively manage changes in project scope, identify potential crises, and devise effective contingency plans.
- Demonstrate extremely mature and clear communication and client management skills.
- Lead, mentor, and transfer knowledge to junior engineers, property management, and third-party vendors responsible for maintaining IT/OT systems.
Technical Requirements
- The ideal candidate will possess 5 years of hands-on experience in a mid-level technical cybersecurity role, specializing in Secure System and Infrastructure Hardening Design, with a significant focus on critical infrastructure or government sector environments.
- Deep, demonstrable expertise in Operational Technology (OT) security, including a strong understanding of protocols (e.g., BACnet, Modbus, SCADA), common vulnerabilities, and security best practices for ICS/BMS (Building Management Systems) and physical access/surveillance technologies.
- Expert-level knowledge of network security components (e.g., firewalls, intrusion detection/prevention systems, secure remote access solutions) and network segmentation principles in a converged IT/OT environment.
- Advanced proficiency in securing diverse operating systems, including Microsoft Windows (server and desktop) and Linux/Unix environments, with a focus on hardening, logging, and patch management.
- Proven ability to conduct detailed endpoint investigations, identifying and containing Indicators of Compromise (IOCs), creating event timelines, and developing advanced solutions for on- and off-premises endpoint protection.
- Experience with and proficiency in vulnerability assessment tools (e.g., Qualys, Nessus, MS Baseline Analyzer) and methodologies for effective data organization and analysis.
- Solid experience developing and implementing security policies, standards, and incident response procedures (e.g., NIST, ISO 27001, CISA/DHS guidelines) tailored to critical infrastructure.
Required Professional Qualifications
- Mid-Level Government/Critical Infrastructure Consulting Experience: Proven background (3 years) working directly on high-impact projects for government agencies, public authorities, or critical infrastructure sectors (e.g., transportation, utilities, ports).
- Demonstrated Interpersonal and Communication Skills: Exceptional ability to translate complex technical risks and solutions into business terms for non-technical stakeholders and executive leadership.
- Security Certifications (Highly Preferred): One or more of the following are strongly desired: CISSP, GICSP (Global Industrial Cyber Security Professional), CSSA (Certified SCADA Security Architect), or relevant GIAC certifications.
- Project Management Acumen: Proven experience in managing full-scale technical project plans, setting milestones, and delivering project documentation under strict deadlines.
- Software Proficiency: Expert command of the Microsoft Office Suite (Word, Excel, PowerPoint), including advanced presentation development and workflow documentation. Proficiency with SharePoint and cloud security concepts is a plus.
- Education: A Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field. (A Master’s degree is preferred).
Salary: $58 - $70