OT Security Architect / Consultant, Lyon

A senior, customer-oriented

OT Security Architect / Consultant

with strong expertise in industrial cybersecurity, secure architecture design, and advisory services for complex industrial environments. This role combines deep technical knowledge with consulting capabilities, helping customers assess, design, and evolve their OT cybersecurity posture in a pragmatic and operationally realistic way.

The

OT Security Architect / Consultant

acts as a trusted advisor for customers and internal teams, supporting both strategic initiatives and technical solution definition. They understand industrial processes, legacy constraints, operational risks, and cybersecurity best practices, and are able to translate them into scalable, maintainable, and secure OT environments.

This role goes beyond implementation and focuses on architecture, consulting, risk reduction, governance, and technical leadership across OT cybersecurity projects.

Core Responsibilities OT Security Consulting&Advisory Act as a trusted advisor for customers on OT cybersecurity topics:

Assess customer OT environments, cybersecurity maturity, and operational risks

Support customers in defining OT cybersecurity strategies and roadmaps

Conduct workshops, technical assessments, and advisory sessions

Identify security gaps and propose realistic mitigation strategies

Help customers balance cybersecurity, operational continuity, maintainability, and budget constraints

Provide guidance aligned with industrial best practices and regulatory requirements

Support customers in areas such as:

OT network segmentation and zoning

Secure remote access

OT visibility and monitoring

OT/IT convergence

Asset inventory and risk management

OT governance and cybersecurity maturity improvement

OT Security Architecture&Design Design and define secure OT architectures for industrial environments, including:

Network segmentation aligned with Purdue / IEC 62443

Secure connectivity between OT, IT, DMZ, cloud, and remote systems

Firewall placement and rule design concepts

Industrial network topologies and trust boundaries

Secure infrastructure layouts for OT servers, applications, and virtualization platforms

High-availability and operational continuity considerations

Produce:

Architecture diagrams and technical documentation

High-level and detailed technical designs

Security recommendations and remediation plans

Technical standards and reference architectures

Risk Assessments&Compliance Lead or support OT cybersecurity assessments, including:

OT risk assessments

Security posture reviews

Architecture reviews

Gap analyses against IEC 62443 or customer standards

Security improvement recommendations

Support customers in:

Defining remediation roadmaps

Prioritizing mitigation actions

Improving OT cybersecurity governance

Aligning with cybersecurity frameworks and standards

Technical Governance&Standards

Define and promote OT security best practices and architectural standards

Ensure alignment with IEC 62443 and Purdue principles

Review and validate OT security designs and technical approaches

Support internal engineering teams with architectural guidance

Contribute to reusable methodologies, templates, and design patterns

Participate in internal capability development and knowledge sharing

Pre-Sales&Customer Engagement Support

Participate in customer meetings and technical workshops

Help define solution scope and technical assumptions

Support proposal creation and effort estimation

Translate customer requirements into realistic technical solutions

Provide architecture guidance during bid and discovery phases

Act as the technical bridge between:

Customers

Sales teams

Delivery teams

OT engineers

IT cybersecurity teams

Collaboration&Leadership

Work closely with OT security engineers, Automation and control system specialists, IT security teams, Project managers, Sales and account teams, External partners and technology vendors

Provide technical leadership during architecture and consulting activities

Mentorship for junior engineers or consultants

Guidance during critical project phases

Support during audits, design reviews, and customer escalations

Required Technical Expertise Strong expertise in OT cybersecurity and industrial networking, including:

SCADA, PLCs, DCS, and industrial communication protocols

Purdue model and IEC 62443 concepts

Network segmentation and zoning

Firewall and DMZ architecture principles

Secure remote access solutions

OT monitoring and asset visibility solutions

Industrial network design and restructuring

OT/IT integration concepts

Hands-on or design-level experience with:

Fortinet solutions

Cisco industrial networking

Palo Alto firewalls

Nozomi Networks or similar OT monitoring platforms

Active Directory in hybrid IT/OT environments

Virtualization and server infrastructure concepts

Good understanding of:

Continuous monitoring technologies

Industrial operational constraints

Risk management methodologiesSecure architecture principles

Soft Skills&Mindset

Strong analytical and problem-solving mindset

Able to understand both technical and operational realities

Excellent communication and consulting skills

Comfortable engaging with technical and non-technical stakeholders

Pragmatic and solution-oriented approach

Structured thinker with strong documentation capabilities

Collaborative and team-oriented mindset

Able to influence decisions through expertise and credibility

Customer-focused and business-aware

Language&Location (France)

French: native or near-native level (mandatory)

English: professional working proficiency (mandatory)

Preferred location: Lyon or nearby

Availability for occasional travel within France and Europe is expected.

AG Solution is an Equal Opportunity Employer.

#J-18808-Ljbffr