Senior OT Cybersecurity & CRA Compliance Architect

Job

Avacone

Bedford, MA (In Person)

Full-Time

Posted 3 days ago (Updated 13 hours ago) • Actively hiring

Expires 7/26/2026

Job Description

Senior OT Cybersecurity & CRA Compliance Architect
Bedford, MA
Hybrid work
Full-time

Position Overview

We are seeking a highly experienced Senior OT Cybersecurity & CRA Compliance Architect to lead cybersecurity architecture, cyber resilience, and regulatory compliance initiatives within a GMP-regulated pharmaceutical manufacturing environment. This role will be responsible for designing, implementing, and governing secure Operational Technology (OT) environments, with a strong focus on Rockwell Automation PLC platforms (ControlLogix, CompactLogix) and Ignition SCADA systems.

The successful candidate will play a critical role in ensuring compliance with the EU Cyber Resilience Act (CRA), IEC 62443/ISA99, ISA-95, GMP, and FDA 21 CFR Part 11 requirements while supporting digital transformation and manufacturing modernization initiatives. The position requires a blend of OT cybersecurity expertise, regulatory compliance knowledge, and pharmaceutical manufacturing experience.

Key Responsibilities

OT Cybersecurity Architecture & Strategy
- Lead the development, implementation, and continuous improvement of OT cybersecurity architecture across manufacturing and laboratory environments.
- Define and maintain enterprise OT reference architectures aligned with the Purdue Enterprise Reference Architecture, including network segmentation, zones and conduits, and industrial DMZ design.
- Develop cybersecurity standards, policies, and technical guidelines for industrial control systems and manufacturing platforms.
- Collaborate with engineering, automation, validation, quality, and IT teams to integrate cybersecurity requirements into project lifecycles.

Cyber Resilience & Regulatory Compliance
- Lead Cyber Resilience Act (CRA) implementation programs, readiness assessments, and remediation initiatives.
- Conduct cybersecurity gap assessments against IEC 62443, ISA99, NIST Cybersecurity Framework, and pharmaceutical industry best practices.
- Establish governance frameworks to ensure ongoing compliance with applicable regulatory and cybersecurity requirements.
- Support regulatory inspections, internal audits, and customer audits related to cybersecurity and compliance.

Industrial Control Systems Security
- Secure, harden, and maintain Rockwell Automation environments, including ControlLogix, CompactLogix, FactoryTalk, and associated engineering platforms.
- Design and implement secure architectures for Ignition SCADA systems and supporting infrastructure.
- Define and maintain secure configuration baselines for servers, engineering workstations, HMIs, and industrial network components.
- Evaluate and implement cybersecurity controls for OT assets, including access management, logging, monitoring, and network security.

Risk Management & Vulnerability Management
- Perform OT cybersecurity risk assessments, threat modelling, and security impact analyses.
- Identify vulnerabilities and develop mitigation strategies while maintaining validated system status.
- Define and oversee patch management and vulnerability remediation processes for validated GMP systems.
- Support incident response planning, cyber resilience testing, disaster recovery, and business continuity initiatives.

GMP, Validation & Data Integrity
- Ensure compliance with GMP requirements and FDA 21 CFR Part 11 regulations, including:
  - Electronic records and signatures
  - Audit trail integrity
  - Role-based access control (RBAC)
  - Data integrity controls
- Support Computer System Validation (CSV) activities and documentation, including:
  - User Requirements Specifications (URS)
  - Non-Functional Requirements (NFR)
  - Functional Specifications (FS)
  - Design Specifications (DS)
  - Installation Qualification (IQ)
  - Operational Qualification (OQ)
  - Performance Qualification (PQ)
- Provide cybersecurity expertise during validation and change control processes.

Stakeholder Engagement
- Serve as a trusted advisor to manufacturing, quality, validation, engineering, and IT leadership teams.
- Provide technical guidance and mentorship to engineering and cybersecurity teams.
- Support strategic initiatives related to smart manufacturing, digital transformation, and OT modernization.

Requirements

Required Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Technology, Automation Engineering, or a related discipline.
- 10+ years of experience in OT cybersecurity, industrial automation, or control systems engineering.
- 5+ years of experience within pharmaceutical, biotechnology, life sciences, or other regulated manufacturing environments.
- Hands-on experience with:
  - Rockwell ControlLogix and CompactLogix PLC platforms
  - Ignition SCADA
  - Industrial networking and segmentation
  - OT infrastructure hardening
- Strong knowledge of:
  - EU Cyber Resilience Act (CRA)
  - IEC 62443 / ISA99
  - ISA-95
  - NIST Cybersecurity Framework
  - GMP regulations
  - FDA 21 CFR Part 11
- Experience conducting cybersecurity assessments, threat modelling, and remediation planning.
- Experience supporting CSV and validation activities in regulated environments.
- Excellent communication and stakeholder management skills.

Preferred Qualifications
- Professional certifications such as:
  - ISC2 CISSP
  - ISACA CISM
  - GIAC GICSP
  - IEC 62443 Cybersecurity Expert Certification
- Experience with FactoryTalk Suite, MES platforms, historians, and manufacturing execution systems.
- Knowledge of cloud-connected industrial environments and Industrial IoT security.
- Experience supporting global pharmaceutical manufacturing networks and multi-site OT environments.

Key Competencies
- OT Cybersecurity Architecture
- Cyber Resilience & CRA Compliance
- Industrial Control Systems Security
- Pharmaceutical Regulatory Compliance
- Risk Assessment & Threat Modelling
- GMP & Data Integrity
- Computer System Validation (CSV)
- Stakeholder Management
- Strategic Leadership
- Problem Solving & Continuous Improvement

Why Join Us?

This is an opportunity to play a critical role in securing next-generation pharmaceutical manufacturing environments while shaping cybersecurity and compliance strategies across highly regulated OT ecosystems. You will work at the intersection of industrial automation, cybersecurity, and regulatory excellence, helping ensure resilient and compliant operations that support the delivery of life-changing therapies to patients worldwide.