Apply on Employer Site

Talen Energy · 18 hours ago

IT Systems & Compliance Lead

Allentown, PA

Full-time

Hybrid

Senior Level

7+ years exp

Talen Energy is looking for the Lead OT/IT – Operations & Compliance who will be responsible for ensuring the secure, compliant, and reliable operation of IT and OT systems supporting critical energy and industrial infrastructure. This role bridges IT and OT domains, leading the deployment of cybersecurity tools and ensuring adherence to NERC CIP and industry cybersecurity frameworks.

EnergyEnergy ManagementOil and Gas

No H1B

Security Clearance Required

Responsibilities

Own and drive the execution of the company’s OT cybersecurity and compliance strategy in alignment with enterprise security and IT/OT convergence objectives

Lead the implementation and operation of OT cybersecurity platforms, including asset inventory, vulnerability management, network segmentation, and secure remote/vendor access

Develop, maintain, and enforce OT security standards, architecture patterns, and implement guidelines consistent with NERC CIP and industry best practices

Establish OT cyber governance forums (e.g., monthly IT/OT Security Steering Committee) to align stakeholders, track risk reduction, and guide strategic decisions

Ensure IT and OT systems comply with NERC CIP standards, cyber regulations, and internal security policies

Lead the execution of patch management, access control, system logging, baseline configuration, and change management across regulated and non-regulated environments

Support compliance evidence collection, documentation maintenance, and audit readiness for NERC, NRC, and internal reviews

Serve as a technical SME during audits, self-certifications, and remediation activities

Participate in the design and validation of cybersecurity architectures that span both IT and OT environments — ensuring practical, fit-for-purpose solutions

Plan, coordinate, and execute OT cybersecurity assessments in collaboration with internal teams, third parties, and site engineers

Conduct tabletop exercises, incident simulations, and post-event reviews to validate operational readiness and continuous improvement

Support incident response, including root cause analysis, containment, and corrective actions

Serve as a trusted advisor to plant managers, engineers, and IT teams — balancing risk reduction with operational continuity

Lead cross-functional working sessions to align site operations, compliance, and enterprise architecture objectives

Manage and scale targeted OT cybersecurity awareness programs tailored for operations personnel

Support technology evaluation, RFPs, and integration planning for emerging OT security tools

Qualification

NERC CIP complianceIndustrial cybersecurity frameworksOT cybersecurity platformsIT/OT experienceWindows/Linux serversNetwork segmentationEndpoint protection platformsAsset inventory toolsIdentityAccess managementAnalytical skillsCollaborative communicatorAccountabilityDocumentation skillsCommunication skillsOwnership

Required

Bachelor's degree in IT, Computer Science, Cybersecurity, Industrial Automation, related field, or equivalent work experience

7+ years of combined IT/OT experience, including 2+ years in industrial cybersecurity or compliance-driven environments (e.g., SCADA, PLCs, DCS, plant operations)

Strong understanding of NERC CIP compliance, and industrial cybersecurity frameworks (NIST SP 800-82, IEC 62443)

Hands-on experience with OT infrastructure and cybersecurity controls including: Servers (Windows/Linux), virtualization (VMware/Proxmox), and backup (Commvault/Veeam)

Network segmentation, firewalls (Fortinet, Palo Alto,), and industrial DMZ design

Endpoint protection/EDR platforms (CrowdStrike, Microsoft Defender)

Asset inventory and monitoring tools (Industrial Defender, Nozomi, Claroty, Dragos)

Familiarity with identity and access management (Active Directory, Okta, Azure AD), vulnerability scanning and service management (ServiceNow)

Experience with physical security systems (e.g., CCURE, camera systems, sensors) and supporting compliance documentation

Strong analytical, documentation, and communication skills; able to translate technical risks into business terms