Head of Operational Technology Cybersecurity

Head OT - Cyber Security

About Business:

Adani Group: In recent years, we have evolved from a new player in power generation to India’s largest private thermal power producer, with a capacity of 15,250 MW and a 40 MW solar project in Gujarat. It has created a world-class logistics and utility infrastructure portfolio that has a pan-India presence. Adani Group is headquartered in Ahmedabad, in the state of Gujarat, India. Over the years, Adani Group has positioned itself to be the market leader in its logistics and energy businesses focusing on large-scale infrastructure development in India with O & M practices benchmarked to global standards. With four IG-rated businesses, it is the only Infrastructure Investment Grade issuer in India.

Job Purpose: The Head OT Cybersecurity is responsible for overseeing and leading the organization’s operational technology (OT) cybersecurity strategy, ensuring the security and integrity of critical infrastructure, industrial control systems (ICS), and operational environments. This senior leadership role will drive the development, implementation, and maintenance of OT cybersecurity policies, standards, and practices to protect OT assets from cyber threats. The Head OT Cybersecurity will also oversee incident response, risk management, and compliance efforts while collaborating with cross-functional teams to secure the organization’s OT environments.

Head OT Cybersecurity

OT Cybersecurity Strategy Development:

Lead the development and execution of the organization’s OT cybersecurity strategy, ensuring alignment with overall cybersecurity and business goals.

Establish a comprehensive OT cybersecurity framework that includes policies, procedures, and controls to safeguard critical infrastructure.

Continuously monitor industry trends, emerging threats, and regulatory changes to adapt and evolve OT cybersecurity strategies.

Risk Management and Vulnerability Assessment:

Oversee risk assessments, vulnerability management, and threat modeling for OT systems, ensuring that all risks are properly identified, analyzed, and mitigated.

Develop and implement risk mitigation plans based on vulnerability assessments and threat intelligence specific to OT systems.

Monitor OT system configurations and identify opportunities to strengthen security postures, reducing exposure to cyber threats.

Incident Response and Recovery:

Lead OT cybersecurity incident response efforts, coordinating detection, containment, investigation, and recovery from OT-related security incidents and breaches.

Develop and implement incident response plans tailored to OT environments, addressing the unique characteristics of industrial control systems.

Collaborate with internal stakeholders and external agencies to investigate and resolve cybersecurity incidents, ensuring minimal impact on operations.

Compliance and Regulatory Oversight:

Ensure OT cybersecurity policies and practices comply with relevant industry standards, regulations, and frameworks (e.g., NIST SP 800-82, IEC 62443, NERC CIP, GDPR).

Lead efforts to maintain OT cybersecurity compliance during audits, assessments, and inspections.

Stay up to date with industry regulatory requirements and ensure timely adaptation of OT cybersecurity practices.

Security Architecture and Technology Management:

Design, implement, and oversee the deployment of security architecture for OT systems, including network segmentation, firewalls, access control, and endpoint security.

Work closely with the IT department to integrate OT cybersecurity measures with broader enterprise security systems.

Evaluate, recommend, and deploy new security technologies to enhance the security posture of OT environments, such as intrusion detection systems (IDS) and security information and event management (SIEM) systems.

Collaboration with Cross-Functional Teams:

Collaborate with IT, operations, engineering, legal, compliance, and executive leadership to ensure OT cybersecurity initiatives align with organizational priorities.

Engage with external partners, including third-party vendors and regulatory bodies, to maintain the security and compliance of OT systems.

Ensure the secure integration of third-party OT devices and systems into the organization’s environment.

Leadership and Team Management:

Lead and mentor a team of cybersecurity professionals focused on OT, ensuring high performance and professional development.

Manage OT cybersecurity staff, setting clear objectives, providing regular feedback, and ensuring alignment with the broader cybersecurity team.

Build a culture of security awareness within the OT domain, ensuring all stakeholders understand the importance of cybersecurity.

Training and Awareness:

Develop and implement training programs to raise cybersecurity awareness among OT personnel, ensuring they understand their role in maintaining security.

Conduct regular OT cybersecurity drills and exercises to prepare staff for potential cybersecurity incidents.

Provide guidance and support to OT teams in applying security best practices to operational processes.

Continuous Improvement and Innovation:

Foster a culture of continuous improvement by reviewing OT security incidents, analyzing root causes, and implementing improvements to prevent future occurrences.

Stay abreast of the latest trends and technologies in OT cybersecurity and integrate cutting-edge tools to enhance defense capabilities.

Lead efforts to drive innovation and enhance the cybersecurity posture of the OT environment across the organization.

Key Stakeholders - Internal

Executive Leadership

Department Heads

Legal and Compliance Teams

OT Operations Team

System Administrators and Operations

Engineering and Maintenance Teams

Procurement and Vendor Management Team

Facilities Management

Training Team

Risk Management Team

Internal Auditors

IT Team

Key Stakeholders - External

Regulatory Bodies

Industrial Control System (ICS) Vendors

External Auditors

Legal Advisors

Managed Security Service Providers (MSSPs)

Compliance and Certification Bodies

Industry Associations

Government Agencies

Consultants

Incident Response Service Providers

Third-Party OT Solution Providers

 

Educational Qualification:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Advanced degree (e.g., Master's, MBA) in Cybersecurity, Information Assurance, or a relevant discipline is highly desirable.

Certification:

Advanced certifications such as CISSP, CISM, CISA, GIAC GICSP, IEC62443 or other OT-specific security certifications (e.g., Certified SCADA Security Architect) are highly desirable.

Work Experience (Range of years):

15+ years of overall experience , with a focus on securing operational technology or industrial control systems.

At least 5 years in a senior leadership or management role within OT cybersecurity.

Experience Level

Executive Level