OT Security Architect

OT Security Architect (part of Tata group) 3.9 3.9 out of 5 stars Must Have Technical/Functional Skills Proven leader with a strong background in OT cybersecurity architecture and execution, capable of designing and driving implementation of complex, multi-site solutions in manufacturing environments. Strong foundation in network engineering and infrastructure, with experience in network design, segmentation, and secure architecture—especially in hybrid IT/OT environments.

Delivered full lifecycle solutions including:

o Secure remote access o Network and OT segmentation (macro and micro) o OT IDMZ design and deployment o Proxy integrations o Legacy asset protection and internet restriction policies Hands-on experience with OT security platforms such as Claroty, Nozomi, or Ordr, integrated with NAC (Aruba or Cisco), firewalls, and identity-based controls. Deep experience in infrastructure implementation, including routing, switching, and zoning technologies within modern and legacy manufacturing networks. Expertise in domain architecture best practices for OT, including designing isolated OT domains, proper Active Directory (AD) trust models, and secure domain controller (DC) placement and hardening strategies. Experience addressing domain controller patching challenges in OT environments, including: o Developing segmentation strategies to isolate legacy systems from fully patched domain controllers o Designing dedicated legacy-supporting domain controllers with restricted access o Aligning firewall rules, DNS, and authentication flows to reduce risk from unpatched or constrained systems Skilled in developing and enforcing zoning and segmentation strategies, aligned with

ISA/IEC 62443, NIST

CSF, and the Purdue Model. Strong ability to coordinate across global sites, driving standardization of architecture, tooling, and governance. A vocal and assertive leader who can influence decisions, rally teams, and gain alignment across cybersecurity, IT, OT, and operations stakeholders. Excellent communicator with the ability to document strategy and architecture clearly and drive adoption from the boardroom to the plant floor. Demonstrated ability to manage technical debt, balance operational risk, and deliver scalable, resilient security solutions in production environments. Roles & Responsibilities Proven leader with a strong background in OT cybersecurity architecture and execution, capable of designing and driving implementation of complex, multi-site solutions in manufacturing environments. Strong foundation in network engineering and infrastructure, with experience in network design, segmentati on, and secure architecture—especially in hybrid IT/OT environments.

Delivered full lifecycle solutions including:

o Secure remote access o Network and OT segmentation (macro and micro) o OT IDMZ design and deployment o Proxy integrations o Legacy asset protection and internet restriction policies Hands-on experience with OT security platforms such as Claroty, Nozomi, or Ordr, integrated with NAC (Aruba or Cisco), firewalls, and identity-based controls. Deep experience in infrastructure implementation, including routing, switching, and zoning technologies within modern and legacy manufacturing networks. Expertise in domain architecture best practices for OT, including designing isolated OT domains, proper Active Directory (AD) trust models, and secure domain controller (DC) placement and hardening strategies. Experience addressing domain controller patching challenges in OT environments, including: o Developing segmentation strategies to isolate legacy systems from fully patched domain controllers o Designing dedicated legacy-supporting domain controllers with restricted access o Aligning firewall rules, DNS, and authentication flows to reduce risk from unpatched or constrained systems Skilled in developing and enforcing zoning and segmentation strategies, aligned with

ISA/IEC 62443, NIST

CSF, and the Purdue Model. Strong ability to coordinate across global sites, driving standardization of architecture, tooling, and governance. A vocal and assertive leader who can influence decisions, rally teams, and gain alignment across cybersecurity, IT, OT, and operations stakeholders. Excellent communicator with the ability to document strategy and architecture clearly and drive adoption from the boardroom to the plant floor. Demonstrated ability to manage technical debt, balance operational risk, and deliver scalable, resilient security solutions in production environments. Salary Range $140000-$170000 year

TCS Employee Benefits Summary:

Discretionary Annual Incentive.

Comprehensive Medical Coverage:

Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans.

Family Support:

Maternal & Parental Leaves.

Insurance Options:

Auto & Home Insurance, Identity Theft Protection.

Convenience & Professional Growth:

Commuter Benefits & Certification & amp; Training Reimbursement.

Time Off:

Vacation, Time Off, Sick Leave & Holidays.

Legal & Financial Assistance:

Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing. #LI-SP1 Location Arden Hills, MN Job Function

TECHNOLOGY

Role Technical Architect Job Id 398466 Desired Skills Design Salary Range $140,000-$170,000 a year

Desired Candidate Profile Qualifications :

BACHELOR OF COMPUTER

SCIENCE