Job title: chief enterprise security architect
this leadership role is responsible for designing, implementing, and maintaining a secure enterprise environment. The ideal candidate will have expertise in securing hybrid it/ot environments and large-scale networks.
the senior manager - security architecture, network, and ot/iot security reports to the ciso and drives the secure design of infrastructure and operational technology environments, ensuring alignment with business risk appetite and zero-trust principles. The role partners with it, engineering, product, and operations to protect both digital and physical assets from evolving threats.
responsibilities:
* define and maintain the enterprise security reference architecture covering network, endpoint, cloud, and ot domains.
* establish zero‑trust and network segmentation standards, ensuring consistent enforcement across it and ot.
* evaluate emerging technologies and guide the adoption of secure architectures (e.g., sase, micro‑segmentation, secure connectivity for iot devices).
* own strategy and operations for perimeter, internal, and cloud network security (firewalls, nac, ids/ips, vpn, proxy, ddos, etc.).
* oversee configuration baselines, policy hygiene, and threat detection in coordination with the secops and infra teams.
* collaborate with it infrastructure teams to ensure network performance and security are jointly optimized.
* define network‑level controls for vendor access, remote maintenance, and third‑party integration.
* develop and maintain security standards for manufacturing systems, control networks, and connected devices.
* implement segmentation and monitoring between it and ot environments to minimize lateral movement.
* partner with plant operations and product engineering to secure plcs, hmis, gateways, and embedded components.
* coordinate the vulnerability management program for ot and iot assets, including patch strategy, risk acceptance, and compensating controls.
* support secure product lifecycle from factory floor to field deployment — covering firmware signing, device onboarding, and telemetry protection.
* coordinate incident response playbooks for ot/iot security events with operations and secops teams.
* maintain transparent communication by appropriately communicating relevant information to the larger it team as needed.
* protect our reputation by keeping information confidential.
* maintain professional and technical knowledge by attending educational workshops, professional publications, establishing personal networks, and participating in professional societies.
* contribute to the team effort by accomplishing related results and participating on projects as needed.
* comply with health and safety guidelines and rules; managers should also ensure compliance across their teams.
* motivate and lead a high-performance team by attracting, developing, engaging and retaining team members. Lead and motivate individuals and teams to create a workplace culture that is consistent with our mission, vision and values.
* drive the performance management and compensation processes by communicating job expectations, monitoring and evaluating performance, providing feedback and facilitating employee development per our policies.
* maintain transparent communication by appropriately communicating organization information to team through department meetings, one-on-one meetings, appropriate email, im and regular interpersonal communications.
requirements:
* bachelor's degree in business, technology or related field from an accredited college is required. Master's degree is a plus.
* cissp, cisa or equivalent.
experience:
* 10–15 years of experience in cybersecurity, including 5+ years leading network and/or ot security functions in a global manufacturing corporation.
* proven experience securing hybrid it/ot environments, large-scale networks, or connected device ecosystems.
* deep familiarity with regulatory and industry standards relevant to manufacturing and iot.
key skills and abilities:
* network architecture, routing, and segmentation best practices (cisco, palo alto, fortinet, zscaler).
* zero-trust networking, identity-aware proxies, and secure remote access patterns.
* cloud networking and security (aws vpc, azure vnets, hybrid interconnects).
* strong architecture documentation and modeling (visio, lucidchart, archimate).
* vendor and stakeholder management across it, plant, and engineering.
* excellent communication and presentation abilities for executive audiences.
* leadership in cross-functional environments — guiding network engineers, architects, and ot specialists.
* influence enterprise and manufacturing leadership toward secure-by-design practices.
* respond decisively to network or ot security incidents with composure and clarity.
seniority level:
* mid-senior level
employment type:
* full-time
job function:
* information technology and engineering
industries:
* it system operations and maintenance, data infrastructure and analytics, and it system design services
],