Work Schedule

Standard (Mon-Fri)

Environmental Conditions

Adherence to all Good Manufacturing Practices (GMP) Safety Standards, Cleanroom: no hair products, jewelry, makeup, nail polish, perfume, exposed piercings, facial hair etc... allowed, Laboratory Setting, Office, Some degree of PPE (Personal Protective Equipment) required (safety glasses, gowning, gloves, lab coat, ear plugs etc.), Warehouse

Job Description

Position Summary

The OT/IT Integration Security Architect will serve as a senior subject matter expert responsible for defining and executing secure integration strategies for mergers and acquisitions (M&A) across Thermo Fisher Scientific’s manufacturing, laboratory, and R&D environments. This role focuses on rapid assessment, risk mitigation, and the design of scalable, secure architectures that enable seamless integration of acquired OT and IT environments into the enterprise.

Working across M&A, IT, OT, R&D, and business leadership teams, the Architect will assess acquired environments, define integration roadmaps, and ensure alignment with enterprise cyber security standards and regulatory requirements. This is a highly visible, fast-paced role requiring strong technical depth, architectural leadership, and the ability to influence stakeholders in dynamic and often ambiguous environments.

Key Responsibilities

• Define and drive OT/IT integration security architecture strategies, standards, and roadmaps for M&A activities.
• Design secure integration architectures that align acquired environments with enterprise OT and IT security frameworks.
• Establish scalable patterns for repeatable and efficient integration of diverse manufacturing, lab, and R&D environments.
• Balance speed of integration with risk reduction, ensuring business continuity and operational resilience.
• M&A Security Assessments & Integration Planning
• Lead OT and IT cyber security assessments for acquisitions, including site evaluations and technical due diligence.
• Identify risks, gaps, and remediation priorities across acquired OT/ICS, lab, and IT environments.
• Develop integration strategies and phased roadmaps aligned to business timelines and risk tolerance.
• Provide actionable recommendations to leadership on integration sequencing, investment needs, and risk mitigation.
• Apply enterprise OT security standards and frameworks (e.g., ISA/IEC 62443, NIST) to integration activities.
• Design and implement segmentation strategies, including zone/conduit models and OT/IT DMZ architectures.
• Ensure integration of monitoring, detection, and response capabilities within acquired environments.
• Support development of security controls aligned with regulatory, quality, and compliance requirements (e.g., GxP).
• Bring deep understanding of industrial control systems (SCADA, DCS, PLCs), lab instrumentation, and manufacturing processes.
• Ensure secure integration of OT systems with enterprise IT platforms, including identity, logging, and monitoring systems.
• Evaluate and rationalize legacy technologies, balancing modernization with operational constraints.
• Ensure minimal disruption to manufacturing, lab, and R&D operations during integration activities.
• Partner with M&A, IT, OT, engineering, and site leadership teams to execute integration strategies.
• Act as a bridge between acquired entities and enterprise teams to align on security standards and expectations.
• Communicate risks, architectural decisions, and trade-offs clearly to technical and executive stakeholders.
• Influence stakeholders across a global, matrixed organization to drive consistent and secure integration outcomes.
• Develop reusable playbooks, templates, and standards for OT/IT integration in M&A scenarios.
• Stay current with emerging threats, technologies, and integration strategies relevant to OT and IT environments.
• Identify opportunities to improve speed, consistency, and security of future integrations.
• Leverage automation, analytics, and AI-driven capabilities to enhance integration and security processes.

Travel

Up to 50% travel to acquired sites globally to perform assessments, support integration, and engage stakeholders.

Qualifications

Experience & Skills

• Extensive experience in OT cyber security architecture, IT security architecture, or integration architecture within industrial environments.
• Strong knowledge of industrial systems, ICS/SCADA technologies, and protocols (e.g., Modbus, OPC, Ethernet/IP, PROFINET).
• Proven experience designing segmentation strategies, DMZ architectures, and secure connectivity between OT and IT environments.
• Experience with enterprise identity platforms (e.g., Active Directory, Entra ID/Azure AD) and identity integration during M&A
• Experience leading or supporting M&A integrations, technical due diligence, or large-scale transformation initiatives.
• Deep understanding of cyber risks in OT environments and practical application of mitigation strategies.
• Experience working in fast-paced, high-ambiguity environments with competing priorities and aggressive timelines.
• Strong communication skills with the ability to present complex architectural concepts to executive and non-technical audiences.
• Demonstrated ability to influence stakeholders and drive alignment across global, matrixed organizations.
• Ability to operate both strategically and tactically, from high-level architecture design to hands-on assessment and guidance.

Education & Certifications

• Bachelor’s degree in Engineering, Computer Science, Cyber Security, or related field preferred.
• Relevant certifications (e.g., CISSP, CISM, GICSP, ISA/IEC 62443, CCSP) highly desirable.
• Equivalent work experience may substitute for formal education.

Enhanced Technical Requirements

• Strong familiarity with OT security standards such as ISA/IEC 62443 and NIST CSF.
• Expertise in network segmentation, zone/conduit architecture, and Zero Trust principles applied to OT/IT integration.
• Experience with OT security monitoring platforms and SIEM integration.
• Understanding of regulatory requirements impacting manufacturing, lab, and R&D environments (e.g., GxP, FDA).
• Experience with cloud, edge, and IIoT integration scenarios and associated security considerations.
• Familiarity with asset discovery and visibility tools in OT environments.
• Experience with threat modeling and risk-based security design for integrated environments.
• Experience leveraging Generative AI to accelerate assessment, integration planning, or threat analysis is desirable.

Soft Skill Expectations

• Ownership: Drive architecture and integration strategies for M&A activities with minimal oversight.
• Complexity: Operate independently in complex, high-pressure environments with evolving requirements.
• Leadership: Influence cross-functional teams and represent security architecture in executive discussions.
• Communication: Simplify complex technical risks and architectural decisions for diverse audiences.
• Adaptability: Respond effectively to changing priorities and incomplete information during integration efforts.
• Improvement Mindset: Continuously refine integration approaches based on lessons learned and emerging best practices.

Benefits & Rewards

Thermo Fisher Scientific offers a comprehensive Total Rewards package, including competitive compensation, annual incentive opportunities, healthcare and retirement benefits, paid time off, employee stock purchase plan, and career development resources.