Security Architect - Oil & Gas (Freelance)

We are hiring on behalf of our client, a leading player in the Energy & Oil & Gas sector, a Security Architect to design and drive the global cybersecurity architecture across both IT and OT/ICS environments. This role is mission-critical for protecting large-scale industrial assets and ensuring operational continuity.

• Reports to: CIO / Head of IT Strategy
• Location: Lagos, Nigeria
• Contract: Freelance - Minimum 6 months
• Work Mode: Hybrid

Qualifications:

• Bachelor’s/Master’s degree in Computer Science, Cybersecurity, Engineering, or similar.
• 7+ years in cybersecurity, including 3+ years in security architecture.
• Experience in Oil & Gas, Utilities or Chemicals (mandatory)
• Proven experience securing OT/ICS in critical infrastructure sectors (Oil & Gas, Utilities, Chemicals)

Strong knowledge of:

• OT protocols (Modbus, DNP3, OPC)
• Cloud security (AWS, Azure)
• IAM, Zero Trust, Network Segmentation

Highly Desirable

• Certifications: GICSP, GISCP, CISSP, ISSAP, CCSP
• Experience with OT monitoring tools (Nozomi, Claroty, Dragos)
• Knowledge of Oil & Gas technologies (OSIsoft PI, SCADA systems, Drilling Control Systems)
• Understanding of regulations: NERC CIP, TSA directives, API standards

Key Competencies

• Strategic & pragmatic decision-making
• Strong communication across IT, OT, and executive teams
• Analytical mindset with an adversarial thinking approach
• Business-driven security, aligned with safe and reliable operations

Key Responsibilities:

Strategic Security Architecture

• Develop and maintain the enterprise security architecture roadmap (NIST, ISO 27001).
• Design security reference architectures for cloud (AWS/Azure), Digital Oilfield programs, and IT/OT convergence.
• Select and evaluate security technologies (firewalls, IDS/IPS, SIEM, PAM) to ensure multi-layered protection.

OT/ICS Critical Infrastructure Protection

• Architect cybersecurity controls for OT/ICS (SCADA, DCS, SIS).
• Apply IEC 62443, NIST SP 800-82, and Purdue Model for secure segmentation and remote access.
• Collaborate with Engineering & Operations to embed security in industrial asset lifecycles.

Risk Management & Threat Modeling

• Conduct threat modeling and risk assessments for IT and OT systems.
• Perform architecture reviews for major projects (cloud data lakes, IIoT deployments, M&A integrations).
• Define security requirements for third-party vendors connecting to corporate and industrial networks.

Incident Response & Resilience

• Design architectures supporting rapid detection and coordinated IT/OT incident response.
• Build secure backup, recovery, and continuity solutions to ensure resilience against cyberattacks.

<