IT Cyber Security Architect, Plant Infrastructure

JOB DESCRIPTION

Company Summary

Recurrent Energy is a wholly owned subsidiary of Canadian Solar Inc. and is one of the world's largest and most geographically diversified utility-scale solar and energy storage project development, ownership, and O&M platforms.  Recurrent Energy is focused on bringing low-cost clean energy and meaningful economic development to communities across the globe.

With a strong track record of originating, developing, financing, and building nearly 9 GWp of solar and 3 GWh of battery storage power plants across six continents, Recurrent Energy has established a leadership position in both solar and battery storage project development. With a total pipeline of 25 GWp in solar and 47 GWh in battery storage, of which 14 GW and 12 GWh respectively already have interconnections (as of January 31, 2023). In addition, Recurrent Energy’s services business has 6 GW of projects under operations and maintenance contracts, either operational or contracted projects.

Position Title:IT Cyber Security Architect, Plant Infrastructure

Department:IT

Reports To:IT Director

Location:Austin, TX or Remote U.S.

Position Summary

We are seeking an experienced and skilled Cybersecurity Architect with a strong background in Operational Technology (OT), compliance, NERC (North American Electric Reliability Corporation) standards, and network design. The successful candidate will be responsible for designing and implementing comprehensive cybersecurity strategies, solutions, and architectures to safeguard our organization's critical infrastructure and assets. The role involves collaborating with cross-functional teams to ensure compliance with industry regulations, standards, and best practices.

Responsibilities

• OT Cybersecurity Strategy: Develop and execute holistic cybersecurity strategies tailored to the unique challenges of Operational Technology environments, focusing on protecting critical assets, ensuring availability, and preventing unauthorized access.
• Compliance Management: Stay abreast of relevant regulations and standards, particularly NERC CIP (Critical Infrastructure Protection) standards, and ensure the organization's systems, processes, and procedures are aligned with compliance requirements.
• Network Architecture: Design, review, and enhance network architectures for both IT and OT environments, incorporating security measures that prevent unauthorized intrusion, data breaches, and other cyber threats.
• Risk Assessment: Conduct thorough risk assessments to identify vulnerabilities and potential threats within the OT landscape. Translate findings into actionable security recommendations and solutions.
• Security Solutions Implementation: Lead the deployment of advanced security solutions, including intrusion detection systems, firewalls, access controls, and encryption mechanisms, to safeguard critical infrastructure.
• Collaboration: Collaborate with cross-functional teams, including IT, operations, engineering, and compliance, to align cybersecurity initiatives with business goals, operational needs, and regulatory requirements.
• Incident Response Planning: Develop and maintain robust incident response plans specific to OT environments. Coordinate with incident response teams to ensure a swift and effective response to security incidents.
• Security Awareness: Raise awareness and provide training to employees, contractors, and partners about OT cybersecurity best practices, policies, and procedures.
• Vendor Assessment: Evaluate the security posture of third-party vendors and partners, ensuring that their solutions and services meet cybersecurity standards.

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• A minimum of 7-10 years of experience in cybersecurity architecture with a focus on OT environments, compliance, NERC CIP standards, and network design.
• Profound knowledge of NERC CIP requirements and their practical application in energy/utility sectors.
• Strong expertise in designing and implementing security solutions in complex OT environments especially in the renewables industry.
• In-depth understanding of network protocols, architecture, and segmentation strategies.
• Professional certifications such as CISSP, CISM, CRISC, or relevant vendor-specific certifications (e.g., Cisco CCIE, Palo Alto PCNSE) preferred.
• Proven experience with security frameworks such as NIST Cybersecurity Framework, ISA/IEC 62443, or ISO 27001.
• Excellent communication skills, both written and verbal, with the ability to articulate technical concepts to non-technical stakeholders.

Recurrent Energy is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to age, race, color, religion, sex, national origin, sexual orientation, disability, or veteran status.