Senior Enterprise Security Architect – OT/ICS, Network & Physical Security Controls

We are seeking an experienced Senior Enterprise Security Architect to support the design, implementation, and governance of advanced security controls across a large-scale, enterprise-grade environment. The role focuses on securing complex infrastructures, including Operational Technology (OT), Industrial Control Systems (ICS), and integrated physical security ecosystems.

The successful candidate will ensure alignment with organizational security standards and regulatory frameworks while providing expert-level guidance on security architecture, validation, and operational resilience. This role involves close collaboration with internal teams and external contractors to enforce security compliance across critical infrastructure and city-scale assets.

• Proven experience in enterprise security architecture with a strong focus on OT/ICS environments
• Deep expertise in network security controls, including PAM, NAC, endpoint security, and firewalls
• Hands-on experience with physical security systems (e.g., CCTV, Access Control Systems)
• Strong knowledge of security frameworks and standards such as HCIS, NCA-ECC, and IEC 62443
• Experience in security validation, compliance assessments, and contractor deliverable reviews
• Solid understanding of security hardening practices and baseline configuration standards
• Relevant industry certifications such as CISSP, GCIA, or equivalent are required
• Ability to operate at both strategic (architecture/governance) and operational (implementation/support) levels
• Strong analytical skills and the ability to work within complex, large-scale environments

• Design, implement, and manage enterprise security controls, including firewalls, Web Application Firewalls (WAF), Privileged Access Management (PAM), Zscaler, and Qualys solutions
• Ensure all security designs comply with organizational security standards, policies, and architecture guidelines
• Provide expert-level support and troubleshooting for network security infrastructure
• Validate third-party and contractor implementations against the defined master security architecture
• Oversee and coordinate testing and validation of security controls across infrastructure assets and environments
• Define and enforce security hardening baselines across systems and platforms
• Support governance and continuous improvement of security architecture within OT/ICS and physical security domains
• Collaborate with cross-functional teams to ensure secure integration of physical security systems such as CCTV and Access Control Systems (ACS)

Work performed at the client's site.