NextEra Energy, Inc.
Director, Cybersecurity Architecture, Engineering and Operational Technology
NextEra Energy, Inc., North Palm Beach, Florida, United States, 33408
NextEra Energy is seeking a visionary leader to shape and strengthen our cybersecurity architecture across Information Technology (IT) and Operational Technology (OT) environments. The Director of Cybersecurity Architecture, Engineering and Operational Technology will define strategic direction, design secure frameworks, and lead engineering and architecture teams to protect critical energy infrastructure and enterprise technologies from evolving threats.

Key Responsibilities

- Define and execute the cybersecurity architecture strategy for both IT and OT environments, aligning security initiatives with NextEra Energy's business objectives and risk tolerance.
- Lead the strategic development of cybersecurity for artificial intelligence adoption across the enterprise.
- Lead the strategic consolidation of cybersecurity platforms to deliver capabilities in a standardized security stack, and rationalize applications to the least cost and most efficient model.
- Lead the design, implementation, and continuous improvement of secure network and system architectures for Enterprise and Cloud environments and for Operations generation, transmission, distribution, and renewable energy control systems (SCADA, DCS, EMS).
- Develop and enforce security-by-design principles in collaboration with engineering, operations, and IT teams to ensure resilience of custom-built platforms, control networks, and enterprise services.
- Lead teams to architect and deploy cybersecurity tools tailored to OT environments, including Industrial Intrusion Detection Systems (IDS/IPS), firewalls, data diodes, and secure remote access solutions.
- Establish network segmentation models (e.g., Purdue Model, zero trust) to isolate OT assets, reduce lateral movement, and secure communications between IT and OT zones.
- Ensure compliance with industry standards and regulations, such as NIST CSF, NERC CIP, IEC 62443, and other federal/state requirements.
- Partner with Governance, Risk & Compliance (GRC) teams to support audits and assessments.
- Collaborate with Security Operations to integrate threat intelligence, vulnerability management, and incident response outputs in developing design patterns and engineering plans across IT and OT domains.
- Build, mentor, and lead a high-performing team of cybersecurity architects and engineers focused on both traditional IT and OT security challenges, and on envisioning an AI-enabled cybersecurity program.
- Serve as a trusted advisor to executive leadership on cybersecurity architecture matters, presenting roadmaps, risk analyses, and investment recommendations.
- Manage vendor and partner relationships to evaluate emerging technologies and integrate best-in-class solutions into NextEra's environment.

Required Qualifications

- Bachelor's degree in Computer Science, Information Security, Electrical/Control Systems Engineering, or related field. Advanced degree strongly preferred.
- 10+ years of progressive cybersecurity architecture and engineering leadership experience, including at least 5 years' experience in OT/ICS/SCADA security.
- Demonstrated expertise designing and implementing secure architectures for industrial control systems, including familiarity with DNP3, Modbus, OPC, and other ICS protocols.
- Strong knowledge of NERC CIP standards, NIST Cybersecurity Framework, IEC 62443 series, and federal energy regulations.
- Hands-on experience with network segmentation, zero trust networking, zone enforcement, and secure remote access technologies in an industrial environment.
- Proven ability to drive security-by-design in DevSecOps pipelines, integrating secure coding practices and automated testing for both IT and OT applications.
- Exceptional leadership, stakeholder management, and communication skills, with a track record of aligning technical initiatives to business objectives.
- Demonstrated execution of budget, project planning and labor allocation.
- Relevant certifications such as CISSP, GICSP, CISA.

Preferred Qualifications

- Familiarity with cloud security architectures (AWS, Azure, GCP) and hybrid IT/OT deployments.
- Experience with advanced threat detection platforms, Security Orchestration, Automation and Response (SOAR), and industrial anomaly detection.
- Prior experience in the energy or utility sector, with an understanding of generation, transmission, and distribution operations.