CDTR-Cybersecurity - OT Security -Senior Associate -Bangalore

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in security architecture at PwC will focus on designing and implementing robust security frameworks to protect organisations from cyber threats. You will develop strategies and solutions to safeguard sensitive data and enable the integrity of systems and networks.

IT-OT Infrastructure & Operations

• Design, implement, and maintain secure IT-OT infrastructure ensuring reliability, performance, and cyber resilience.
• Provide expert technical support and resolve complex IT-OT integration and security issues to minimize downtime.
• Maintain a comprehensive asset inventory (wired, wireless, and IIoT) for visibility and configuration management.
• Act as a subject matter expert (SME) in OT security and infrastructure lifecycle management.
• OT Cybersecurity Governance & Implementation
• Develop, implement, and enforce cybersecurity policies and standards in alignment with SANS, IEC 62443, NIST, and CIS frameworks.
• Conduct security assessments, audits, and compliance reviews across control networks and critical systems.
• Integrate IDS/IPS and SIEM solutions to monitor and detect OT-specific cyber threats.
• Utilize OT cybersecurity monitoring tools (e.g., Dragos, Nozomi, Claroty, Armis) for continuous threat visibility and anomaly detection.
• Use network and infrastructure monitoring platforms (e.g., SolarWinds, Zabbix, NetBrain) for performance tracking, topology mapping, and proactive incident management.
• Maintain measurable compliance and security posture reporting for enterprise and regulatory requirements.
• Secure OT Migration & Deployment (Greenfield / Brownfield Projects)
• Lead secure OT migration initiatives for modernization or technology upgrades.
• Design greenfield OT environments with security integrated from concept to commissioning.
• Assess and retrofit brownfield environments, addressing vulnerabilities in legacy systems.
• Develop and execute migration roadmaps aligned with Purdue Model (Levels 0–5) for secure network segregation.
• Collaborate with engineering and operations teams to ensure secure deployment of new OT technologies.
• Security Architecture & Purdue Model Segmentation
• Architect secure OT network topologies aligned with the Purdue Enterprise Reference Architecture (PERA).
• Implement network segmentation (zones and conduits) to isolate critical control systems and prevent lateral movement.
• Configure and deploy firewalls, VLANs, routers, and switches using Cisco, Palo Alto Networks, or equivalent solutions.
• Conduct network segmentation reviews to ensure compliance with IEC 62443 and enterprise policies.
• Develop and document zoning, conduit policies, and access controls for OT systems.
• Wireless and IIoT Security
• Design and secure wireless OT communications (Wi-Fi, Bluetooth, LoRa, Zigbee, 4G/5G) used in IIoT and industrial telemetry.
• Implement wireless security controls such as 802.1X authentication, WPA3-Enterprise, and NAC.
• Perform wireless vulnerability assessments to detect rogue access points, weak encryption, or interference risks.
• Integrate wireless telemetry systems with enterprise SIEM and SOC platforms for unified visibility.
  
  

• Identify threats, vulnerabilities, and attack paths specific to industrial control systems and connected OT assets.
• Build security control libraries, design patterns, and reusable best practices mapped to industry standards.
• Evaluate and optimize existing controls and defense mechanisms to ensure a multi-layered security posture.
• Provide detailed configuration and deployment playbooks for consistent and secure implementation.
• Integration, Collaboration & Continuous Improvement
  
  

• Identify and remediate security gaps in solution designs, ensuring effective risk management.
• Support integration of OT monitoring platforms with enterprise-level analytics and response systems.
• Demonstrate operational excellence and continuous improvement across all project phases and engagements.
  
  

• Education: Bachelor’s or Master’s in Computer Science, Electrical, Electronics, or Industrial Engineering.
• Experience: 5–10 years in OT/ICS cybersecurity, network engineering, or industrial automation.
  
  

• SANS GICSP, GRID, GIAC ICS Defender, GCIP
• CISSP, CISM, CEH, CompTIA Security+ / CySA+
• ISA/IEC 62443 Expert / Practitioner