AVP, Team Lead, Cyber-Physical Systems (CPS) Security & Resiliency (Power Sector)

AECOM is seeking a seasoned Cyber-Physical System (CPS) Security & Resiliency growth leader to establish and grow our Cyber-Physical System Security & Resiliency team. This role builds the firm’s capability to help clients strengthen and modernize cyber-physical environments through integrated security, risk, and resilience strategies.

The ideal candidate brings deep operational technology (OT) domain expertise, experience building comparable practices, and the ability to engage senior public and private sector leaders on digital strategy, cyber-informed engineering, risk modernization, and cyber-physical program development. While governance and risk may intersect with information technology (IT), this role is not IT-centric. The focus is on the safety, security, and resilience of cyber-physical systems across CPS/OT environments (e.g., industrial control systems (ICS), supervisory control and data acquisition (SCADA), OT) and digitally enabled CPS/IT systems.

This role will launch within AECOM’s Energy Practice, with a mandate to scale across other infrastructure sectors. The position will operate in close partnership with all business lines where cyber-physical systems are part of critical infrastructure, serving as a delivery-enabling function.

This role is expected to operate with peer-level standing to other Practice and Capability Leads.

Role Primary Objectives:

• Establish the CPS Security & Resilience Team as a source of top and bottom-line growth within the Energy Practice.
• Strengthen client confidence and executive trust in AECOM’s ability to manage modern infrastructure risk.
• Establish a repeatable, scalable CPS capability that integrates with existing AECOM services.
• Position AECOM as a trusted consultant on the convergence of infrastructure, automation, AI, and physical consequence.
• Establish governance, risk, and resilience models for the integration of AI and advanced analytics into CPS/OT and CPS/IT environments, with explicit focus on physical consequence, system safety, and operational continuity.

Responsibilities:

Cyber-Physical Systems (CPS) Security & ResilienceStrategic Growth and Market Engagement

• Establish the CPS Security & Resilience practicefor the Power sector (generation, transmission, distribution, substations, grid modernization), and other critical infrastructure sectors.
• Develop and execute go-to-market, recruitment, and top- and bottom-line growth strategies for the CPS Security & Resiliency Practice.
• Support strategic pursuits and key accounts from the cyber-physical resiliency lens, where CPS risk influences project outcomes or client confidence.
• Engage client executives, boards, and regulators on system-level risk, resilience, and governance.
• Act as a strategic partner to leadership on infrastructure resilience, reliability, and operational risk.
• Advise clients on cyber-physical risk and resiliency implications of AI-enabled grid modernization, automation, DER integration, advanced protection schemes, and digitally enabled control environments.

Advisory & Enterprise Alignment

• Partner closely with Advisory leadership to align CPS services with broader operational, digital, and risk advisory offerings.
• Coordinate with existing IT, OT, and cyber resources across AECOM to avoid duplication and fragmentation.

Client Engagement, Delivery, and Practice Growth

• Work closely with senior leadership to shape AECOM’s CPS Security & Resilience offerings and expand market presence.
• Support capture and proposal activities, including developing scopes of work, methodologies, and strategic content.
• Build and maintain strong client relationships to identify new opportunities and ensure successful delivery.
• Serve as a bridge between technical specialists and executive-level client discussions.

Internal Support

• Provide leadership, direction, and capability stewardship across CPS Security & Resilience.
• Oversee and guide the development of reusable tools, templates, frameworks, and best practices for CPS Security & Resiliency.
• Oversee and guide the translation of cyber and digital risk into engineering-relevant decision frameworks.
• Avoid unnecessary process overhead; focus on pragmatic, outcome-driven integration.

Operating Model & Reporting

• Initial alignment: Power (business-led proving ground)
• Functional partnership: Advisory (delivery model, capability integration)
• This role will address AI within CPS as a cross-cutting enterprise risk and resilience consideration, integrated into existing CPS governance, delivery, and advisory models rather than treated as a standalone AI function.

Cyber-Physical Systems (CPS) Security & Resilience Practice Elements:

• Lead OT engagements related to cyber-physical systems.
• Lead client engagements addressing AI-enabled CPS risk, resilience, and governance across CPS/OT and CPS/IT environments, including model risk, autonomy, decision authority, and failure propagation into physical systems.
• Lead cybersecurity assessments, vulnerability analyses, and program reviews to help clients identify risks and prioritize improvements.
• Conduct maturity assessments, risk evaluations, gap analyses, and policy reviews to help clients define long-term CPS/OT and CPS/IT strategies.
• Develop OT governance models, operational frameworks, and investment plans that guide clients through modernization and lifecycle planning.
• Facilitate workshops, interviews, and stakeholder meetings to gather requirements and translate them into strategic recommendations.
• Embed CPS risk considerations into pursuits, delivery models, and client engagements.

• Develop OT and ICS cybersecurity programs aligned with frameworks such as NIST CSF, NERC CIP, and IEC 62443.
• Prepare guidance for OT security controls, monitoring approaches, segmentation strategies, governance, and compliance.

CPS Security & Resilience Leadership

• Provide industry leadership and guidance on CPS/OT and CPS/IT security & resiliency, promoting alignment with enterprise risk management, regulatory expectations, and delivery realities.
• Advise clients on CPS architecture concepts, technology options, integration considerations, and migration strategies.
• Oversee and guide master planning for CPS, including AI-enabled CPS, grid modernization, SCADA and EMS/DMS evolution, advanced automation, digital substations, and next-generation OT and CPS/IT architectures.
• Evaluate operational risks and recommend solutions that improve resiliency, reliability, and worker safety in CPS/OT environments.