Industrial Control Systems (OT/ICS) Manager or Senior Consultant

Engineering and Product | Cyber Managed Services

Houston, Texas, United States

Position Summary

Deloitte Cyber Operational Technology / Industrial Control Systems (OT/ICS) Senior Consultant or Manager

Position Summary

As an OT/ICS Cybersecurity Architect at Deloitte, you will play a pivotal role in designing, implementing, and optimizing cybersecurity solutions for industrial environments. You will work with clients in energy, manufacturing, utilities, and other critical infrastructure sectors to secure operational technology (OT) and industrial control systems (ICS), ensuring the safety, reliability, and resilience of their operations. You will leverage your deep technical expertise, industry knowledge, and hands-on experience with leading OT/ICS security tools to deliver innovative solutions, lead project teams, and provide strategic guidance to clients.

Key Responsibilities

OT/ICS Security Architecture & Design

Lead the design and implementation of OT/ICS cybersecurity architectures, including network segmentation, secure remote access, and integration with IT security controls.
Develop and document security reference architectures, blueprints, and roadmaps tailored to client environments and industry standards (e.g., NIST 800-82, IEC 62443).
Evaluate, select, and deploy OT/ICS cybersecurity technologies, with hands-on experience in:
Conduct security acceptance testing and validation of new or updated OT systems to ensure compliance with security requirements and industry best practices.

Risk Assessment & Vulnerability Management

Perform consequence-based risk assessments for OT environments, utilizing methodologies such as Cyber Process Hazards Analysis (Cyber PHA) to identify, analyze, and prioritize cyber risks.
Lead vulnerability management efforts for OT/ICS assets, including the use of Claroty for vulnerability identification, risk scoring, and remediation planning.
Support clients in achieving regulatory compliance and readiness for audits related to OT/ICS cybersecurity.

Incident Response & Monitoring

Design and implement OT/ICS security monitoring solutions, leveraging tools such as CrowdStrike for endpoint and network monitoring, and Splunk for log aggregation and analytics.
Collaborate with IT and OT teams to develop and test incident response plans specific to industrial environments.
Integrate monitoring and alerting workflows with ServiceNow for streamlined incident management.

Governance, Policy, and Training

Develop and update OT/ICS cybersecurity policies, standards, procedures, and job aids.
Deliver training and awareness programs for client personnel, including plant operators, engineers, and third-party vendors.
Advise clients on governance frameworks and best practices for OT/ICS cybersecurity program development and maturity assessments.

Client Engagement & Leadership

Serve as a subject matter expert in client meetings, workshops, and presentations, especially regarding the deployment, integration, and optimization of OT/ICS security tools.
Lead project teams, mentor junior staff, and contribute to business development activities such as proposal writing and solution development.
Stay current on emerging OT/ICS threats, vulnerabilities, and technologies, and share insights with clients and internal teams.

Required Qualifications

Bachelor’s degree in Engineering, Computer Science, Information Security, or related field.
7+ years of experience in OT/ICS cybersecurity, including hands-on experience with industrial control systems (e.g., SCADA, DCS, PLCs) in sectors such as oil & gas, energy, utilities, or manufacturing.
4+ years of demonstrated experience designing and implementing OT/ICS security architectures and controls using tools such as Claroty, Palo Alto, Cradlepoint, CrowdStrike, BeyondTrust PRA, and familiarity with Cisco, ServiceNow, Splunk, and TxOne.
Limited immigration sponsorship may be available
Ability to travel up to 50%, on average, based on the work you do and the clients and industries/sectors you serve.

Preferred Qualifications

Advanced degree preferred.
Professional certifications such as GICSP, CISSP, CISM, ISA/IEC 62443, or equivalent.
Strong knowledge of OT/ICS protocols (e.g., Modbus, DNP3, OPC, Profibus), network architectures, and common vulnerabilities.
Experience with cloud-based OT/ICS security solutions and IT/OT convergence initiatives.
Experience with OT/ICS cybersecurity technologies for asset discovery, vulnerability management, network monitoring, endpoint protection, and privileged access management.
Familiarity with industry standards and frameworks (e.g., NIST 800-82, IEC 62443, NERC CIP).
Experience conducting risk assessments, vulnerability management, and incident response in OT environments.
Strong communication skills, with the ability to present complex technical concepts to both technical and non-technical audiences.
Demonstrated leadership in project delivery and client engagement.
Prior consulting experience with a focus on critical infrastructure or industrial sectors.
Experience developing and delivering OT/ICS cybersecurity training programs.

Deloitte is committed to providing reasonable accommodations for people with disabilities. If you require a reasonable accommodation to participate in the recruiting process, please direct your inquiries to the Global Call Center (GCC) at USTalentCICInbox@deloitte.com.

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

**Benefits**

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

**Our people and culture**

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ways of thinking, ideas, and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.

Our purpose

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more.

**Professional development**

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

As used in this posting, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see [www.deloitte.com/us/about](http://www.deloitte.com/us/about) for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Requisition code: 328302

Job ID 328302