IT Security Architect – Manufacturing

IT Security Architect – Manufacturing

About the Role

Location India Haryana Gurugram

Country: INDIA

State/Province/County: Maharashtra

City: Pune

Company Siemens Energy Industrial Turbomachinery India Private Limited Organization EVP Global Functions Business Unit Digital Core Full / Part time Full-time Experience Level Experienced Professional

A Snapshot of Your Day

The Security Architect – Manufacturing is responsible for designing and implementing security frameworks specifically tailored for Manufacturing environment, ensuring IT security across manufacturing IT Systems, Operation Technology (OT) connectivity and compliance with industry standards. This role involves defining security architecture principles, documenting security policies, and ensuring that manufacturing systems are safeguarded against potential threats while supporting the organization’s operational goals.

How You’ll Make an Impact

Security Architecture Development: Design security architecture for Manufacturing IT and OT connectivity aligned with policies and best practices; define authorization concept (need-to-know, least privilege); lead secure IT/OT connectivity for real-time data; advise Asset Owners on access control (RBAC), roles, privileges, and account management.

Machine Connectivity and IIoT Integration: Design secure connectivity for Manufacturing IT, OT, and IIoT; define and implement communication standards and protocols (OPC UA, MQTT) for secure, efficient data exchange.

Consult Business Area and plant specific initiatives: Collaborate with sites to strengthen machine-to-network security; consult on secure IIoT deployments and automation; support predictive maintenance, process optimization, and energy efficiency aligned with corporate policies.

Data Protection and Privacy: Implement data protection for sensitive product data across its lifecycle; ensure compliance with data privacy regulations in Manufacturing IT and data handling.

Operational Security: Document operating procedures (architecture, responsibilities, change management, incident response); apply the four-eyes principle; develop incident response plans; conduct risk assessments, threat modeling, and mitigation controls.

Compliance and Documentation: Ensure compliance with security standards and regulations; document all security processes and changes; collaborate with Asset Owners and Asset Managers on operational requirements and approvals.

What You Bring

A bachelor’s degree in Computer Science, Information Technology, or a related field; a master’s degree is preferred.

7+ years in IT security, including 3+ years focused on Manufacturing IT security architecture and access control.

Deep knowledge of Manufacturing IT security architecture, RBAC, identity management, and connectivity protocols (, OPC UA, MQTT), with hands‑on work in MES/IIoT.

Proven ability to conduct risk assessments and threat modeling, manage security incidents, and apply application security practices (OWASP, input validation, separation of data and code).

Familiarity with ISO 27001, NIST, and Segregation of Duties (SoD); strong analytical, collaborative communication skills; and scripting to automate security tasks.

Ability to conduct risk assessments specific to Manufacturing IT environments.

Familiarity with Manufacturing IT security best practices and compliance requirements (, ISO 27001, NIST).

Skills in identifying and mitigating vulnerabilities in Manufacturing IT systems.

Skills in identifying, responding to, and managing security incidents within Manufacturing IT environments.

Knowledge of Application Security: known weaknesses (CWEs, injection flaws), good practices (separation of data and code, input validation, encoding). See OWASP project and related content.

Must have Certified Information Systems Security Professional (CISSP) or equivalent certifications.

Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) are good to have.