OT Cybersecurity Architect :: Maple Grove, MN ( Onsite)

Hope you are doing well! I have an urgent requirement with one of my clients. Please find the job details below and forward me your updated resume along with your contact details [email protected] Cybersecurity ArchitectLocation :: Maple Grove, MN ( Onsite)Job Description· Minimum 10 years of experience in cybersecurity or network infrastructure. · Minimum 5 years Hands-on experience in OT security platforms such as Claroty, Nozomi, or Ordr, integrated with NAC (Aruba or Cisco), Checkpoint and Palo Alto firewalls, and identity-based controls· Minimum 5 years focused experience in OT/ICS environments· Familiarity with device classification for OT & Non-OT devices· Minimum 5 years in network and OT Security architecture design & implementation.· Minimum 3 years experience in leading the implementation of global OT cybersecurity programs· Proven leader with a strong background in OT cybersecurity architecture and execution, capable of designing and driving implementation of complex, multi-site solutions in manufacturing environments. Strong foundation in network engineering and infrastructure, with experience in network design, segmentation, and secure architecture especially in hybrid ITOT environments. · Delivered full lifecycle solutions including o Secure remote accesso Network and OT segmentation (macro and micro)o OT IDMZ design and deploymentSkills Required· Legacy asset protection and internet restriction policies Hands-on experience with OT security platforms such as Claroty, Nozomi, or Ordr, integrated with NAC (Aruba or Cisco), firewalls, and identity-based controls.· Deep experience in infrastructure implementation, including routing, switching, and zoning technologies within modern and legacy manufacturing networks. Expertise in domain architecture best practices for OT, including designing isolated OT domains, proper Active Directory (AD) trust models, and secure domain controller (DC) placement and hardening strategies. Experience addressing domain controller patching challenges in OT environments, including· Developing segmentation strategies to isolate legacy systems from fully patched domain controllers Designing dedicated legacy-supporting domain controllers with restricted access Aligning firewall rules, DNS, and authentication flows to reduce risk from unpatched or constrained systems Skilled in developing and enforcing zoning and segmentation strategies, aligned with ISAIEC 62443, NIST CSF, and the Purdue Model.Strong ability to coordinate across global sites, driving standardization of architecture, tooling, and governance. · A vocal and assertive leader who can influence decisions, rally teams, and gain alignment across cybersecurity, IT, OT, and operations stakeholders. · Excellent communicator with the ability to document strategy and architecture clearly and drive adoption from the boardroom to the plant floor. · Demonstrated ability to manage technical debt, balance operational risk, and deliver scalable, resilient security solutions in production environments• Apply tot his job