Brownsville Public Utilities Board (BPUB)
Under limited direction, this position is responsible for developing, implementing, and maintaining the security architecture for the Supervisory Control and Data Acquisition (SCADA) infrastructure, applications, and data across Electric and Water & Wastewater SCADA systems. This role provides technical leadership in SCADA cybersecurity strategy, compliance, risk mitigation, and operational resilience, ensuring alignment with industry regulations and best practices.
Provides technical leadership and guidance to security-related staff, including network administrators, cybersecurity personnel, patch management specialists, and other SCADA departmental staff. Defines, implements, and enforces SCADA cybersecurity architecture, roadmaps, and security controls aligned with industry standards (e.g., NERC CIP, NIST, CIS Controls, ISA/IEC 62443, Zero Trust). Provides technical oversight for SCADA cybersecurity operations, including next-gen firewalls, IDS/IPS, network segmentation, VPNs, endpoint security (EDR/XDR), and threat intelligence solutions. Conducts risk assessments, vulnerability scanning, penetration testing, and security audits to proactively mitigate cyber threats. Develops and leads SCADA-specific incident response planning and execution. Analyzes anomalous system logs, SIEM alerts, firewall and IDS/IPS events, VPN access logs, and endpoint security incidents, and provides an appropriate response and mitigation action plan. Assesses and monitors cybersecurity risks associated with SCADA vendors, contractors, and third-party service providers to ensure secure integrations and compliance with supply chain security best practices. Collaborates with SCADA personnel and compliance teams to document and maintain security policies and procedures. Develops and maintains SCADA cybersecurity disaster recovery (DR) and business continuity plans to ensure operational resilience. Implements and enforces secure remote access solutions, incorporating multi-factor authentication (MFA), encrypted VPNs, and least privilege access principles. Maintains up-to-date SCADA network architecture diagrams, security appliance configurations, and incident response playbooks. Provides cybersecurity investment recommendations and justifications, collaborating with SCADA leadership on budget planning. Completes other job duties as assigned.
In-depth knowledge of SCADA cybersecurity frameworks (ISA/IEC 62443, NERC CIP, NIST, CIS Controls). Strong understanding of ICS/SCADA protocols (DNP3, Modbus, IEC 104) and Deep Packet Inspection (DPI) for OT traffic. Proficiency in threat intelligence, Zero Trust architectures, network segmentation, and vulnerability risk management. Familiarity with SIEM, IDS/IPS, endpoint security solutions (EDR/XDR), and security automation (SOAR tools). Ability to effectively communicate and collaborate with SCADA, IT, and security teams to align cybersecurity initiatives with operational needs. Ability to mentor and coach security-related staff. Strong technical writing skills for policy development and compliance documentation. Effective problem-solving and crisis management skills in cybersecurity incidents. Project management skills for implementing security initiatives. Ability to develop and implement robust SCADA security processes and incident response playbooks. Ability to respond effectively to declared emergencies and critical system incidents, ensuring timely mitigation of cybersecurity threats. Ability to communicate cybersecurity risks and strategies to non-technical stakeholders. Ability to adapt to evolving cybersecurity threats, technologies, and regulatory requirements.
Bachelor’s Degree in Computer Science, Information Technology (IT), Cybersecurity, or a related field, with six (6) years of experience in IT, Operational Technology (OT), or a related field.
An equivalent combination of appropriate education, relevant experience, and industry certifications may substitute for the minimum qualifications.
Requires a valid Texas Driver License or receipt of a valid Texas Driver’s License within 90 days of relocation to Texas and a safe driving record, as measured by company policy.
Requires an ISC2: CISSP (Certified Information Systems Security Professional), ISACA: CISM (Certified Information Security Manager), CompTIA: CASP+ (CompTIA Advanced Security Practitioner) or equivalent certification.
Must be able to occasionally access and inspect SCADA network infrastructure, including datacenters, control rooms, and field equipment as needed. Must be able to lift up to 50 lbs. occasionally for equipment handling. May require working in varied environmental conditions (e.g., high heat, cold, or confined spaces) during site assessments or incident response. Required to participate in a scheduled on-call rotation for cybersecurity incident response, including after-hours availability for critical incidents.
In addition to any and all other qualifications required for employment stated under the Brownsville P.U.B Personnel Policies and Procedures Policy No. 39: