Jobs · Research · Texas

Senior OT Cybersecurity & CRA Compliance Architect

Arnex Solutions LLC · Dallas, TX · 1 wk ago
ResearchFull-time

Role Summary

We are seeking an experienced OT Cybersecurity Architect to lead cybersecurity, cyber resilience, and regulatory compliance initiatives in a GMP-regulated pharmaceutical environment. The role focuses on Rockwell PLC (ControLogix/CompactLogix) systems, Ignition SCADA, and compliance with EU Cyber Resilience Act (CRA), IEC 62443/ISA99, ISA 95, GMP, and FDA 21 CFR Part 11.

Key Responsibilities

  • Lead CRA implementation and gap assessments for OT systems.
  • Define and maintain global OT reference architecture (Purdue model, zones & conduits, DMZ).
  • Secure and harden Rockwell PLCs and Ignition SCADA environments.
  • Perform OT cyber risk assessments and threat modelling.
  • Implement secure configuration baselines for servers and engineering workstations.
  • Ensure compliance with GMP & FDA 21 CFR Part 11 (audit trails, electronic records, RBAC).
  • Support Computer System Validation (CSV) documentation (URS/NFR/FS/DS/IQ/OQ/PQ).
  • Define patch management and vulnerability handling processes for validated OT systems.
  • Support audit readiness and regulatory inspections.

Required Skills & Expertise

  • OT & Automation
  • Rockwell ControlLogix / CompactLogix Studio 5000
  • Ethernet/IP
  • Ignition SCADA configuration & security
  • OPC / Industrial protocols
  • Cybersecurity
  • IEC 62443 implementation
  • Network segmentation & firewall design
  • Secure remote access architecture
  • Vulnerability & patch management (OT context)
  • Threat modeling & risk assessment
  • Regulatory & Compliance
  • EU Cyber Resilience Act (CRA)
  • GMP (Pharma manufacturing systems)
  • FDA 21 CFR Part 11
  • Computer Svstem Validation (CSV)
  • Change control in regulated environments
  • System Hardening
  • Windows Server hardening (SCADA, Historian, Engineering Stations)
  • Active Directory design and security for OT domains
  • CIS benchmarks & security baseline implementation
  • Group Policy (GPO) hardening and privilege management
  • Application listing (e.g., AppLocker)
  • Secure service configuration & port minimization
  • Local admin restriction & credential protection
  • Secure RDP configuration & jump server model
  • Patch validation in GMP-regulated environments
  • Backup integrity verification & disaster recovery validation
  • Log configuration, retention & audit trail protection

Experience Required

  • 8+ years in OT / ICS cybersecurity
  • 3+ years in Pharma or regulated industry
  • Hands-on experience with Rockwell PLC and Ignition SCADA

Preferred Certifications

  • IEC 62443 Cybersecurity Expert
  • GICSP / CISSP
  • Rockwell Automation certifications

Similar jobs