Where cyber-physical security meets AI

Rick Ramirez.

For a decade I've secured systems where failure is physical — surgical robots, industrial control, the RF spectrum — and now I secure the AI being wired into them.

Cyber-physical & AI security · New York City metropolitan area

Spoke at NJ SECON 2026 Jun 2026 U.S. Marine Corps Veteran
Portrait of Rick Ramirez, cyber-physical and AI security engineer

From risk methodology to working systems

A U.S. Marine Corps veteran turned cybersecurity leader. Today I'm Lead Product Security Engineer for the Ottava surgical robotics platform at Johnson & Johnson — after rising through enterprise, OT/ICS, and global supply-chain security roles. I build practical, standards-aligned methods for measuring and reducing cyber risk, and increasingly the AI tooling that makes that work scale.

OT / ICS Security

Site-level cyber risk assessment for industrial and operational environments — IT, OT, physical security, third-party, GRC, and resilience.

Risk Methodology

Inherent risk + control maturity → residual risk, mapped to NIST SP 800-30, ISA/IEC 62443, and NIST CSF 2.0.

AI Security & Agents

Governed, security-first multi-agent systems with human-in-the-loop approval, audit trails, and fail-closed controls.

NIST SP 800-30ISA/IEC 62443 (-3-2 / -3-3 / -2-1)NIST CSF 2.0Threat ModelingOT / ICS SecurityProduct SecuritySBOMFDA Premarket CybersecurityMulti-Agent AI SystemsPython
Languages English · Spanish

Where I've worked

Johnson & Johnson

New Jersey · 4+ years
Lead Product Security Engineer — MedTech R&D Aug 2025 – Present
  • Product security for the Ottava surgical robotics platform — embedding secure-by-design into next-generation surgical systems alongside R&D engineering.
  • Medical-device security across the lifecycle: FDA premarket cybersecurity guidance, SBOM, and threat modeling.
Senior Security Analyst — Global Pharmaceuticals Supply Chain Technology Aug 2023 – Aug 2025
  • Security and risk across global pharmaceutical supply-chain technology; built cross-functional risk programs bridging OT and enterprise security.
Senior Security Analyst — NA/LATAM Supply Chain Logistics, OT/ICS Aug 2022 – Sep 2023
  • Site-level OT/ICS cyber risk assessment across NA/LATAM logistics — the work that shaped my site cybersecurity risk methodology.
IT Security Analyst — Customer Experience Nov 2021 – Aug 2022

U.S. Marine Corps

Veteran
Communications Technician May 2013 – May 2021
  • Eight years in telecommunications and secure communications — the foundation of my security career.

Certifications

Industrial / OT-ICS Security

GICSP 2025–2029
GIAC
ICS Cybersecurity Analysis & Evaluation (401v)
CISA
SEC556: IoT Penetration Testing 2026
SANS

Security Foundations

CISSP In progress
ISC²
Security+ (ce) 2020
CompTIA
SecAI+ 2026
CompTIA

AI & Agentic Systems

Multi-AI Agent Systems with crewAI 2026
DeepLearning.AI
AI Security Essentials for Business Leaders
SANS
Model Context Protocol
Anthropic

Education

Western Governors University B.S., IT Management
2023 – 2026
Harvard University Executive Education — Cybersecurity & Risk Management
2020
MIT Sloan Executive Education Implementing Agentic AI: Building Your Organizational Playbook
2026

Things I've built

Security-first tools across OT/ICS risk assessment and AI agent systems — built to be auditable, governed, and honest about their limits.

Flagship · Platform

Ohm AI

A local-first, multi-agent OT/ICS cybersecurity assessment platform. Ingests site evidence — network diagrams, asset inventories, firewall/ACL configs, vuln scans, and policies — then evaluates against IEC 62443 and NIST CSF 2.0 to produce scores, a report, and a prioritized remediation roadmap. Strictly local: no client data leaves the machine.

PythonLocal LLMsMulti-AgentIEC 62443NIST CSF 2.0
Early access
Open Source · Reference Architecture

Secure Enterprise AI Reference Architecture

A vendor-neutral, principal-level reference architecture for a secure enterprise AI platform: a mandatory AI gateway with prompt-injection and sensitive-data guardrails, access-controlled RAG that filters retrieval by data classification, a multi-agent orchestration plane where every agent gets a short-lived on-behalf-of identity, and brokered tool/MCP execution with graded human-in-the-loop approval. Ships a STRIDE + MITRE ATLAS threat model, a controls-traceability matrix across eight frameworks, and hands-on policy-as-code and SIEM-detection artifacts.

AI/LLM SecuritySecure RAGMulti-AgentOWASP LLM Top 10NIST AI RMF
View on GitHub ↗
Open Source

multi-agent-orchestrator

A LangGraph supervisor → specialist → reviewer system with persistent memory, security-first human-in-the-loop approval (approve / reject / edit / take-over), and a tamper-evident SHA-256 audit hash chain. MIT-licensed with green CI across Python 3.10–3.12.

PythonLangGraphHITLAudit Chain
View on GitHub ↗
Open Source

failure-forensics

Observability and root-cause analysis for multi-step AI pipelines. Traces every step, then uses an LLM-as-judge backward walk to localize the failing step and turn confirmed failures into eval cases. Security is the differentiator: the trace store is treated as a sensitive sink, with redaction-before-persist and a STRIDE-lite threat model.

PythonStreamlitClaudeOpenTelemetry
View on GitHub ↗
Open Source

offsec-orchestrator

A governed agent for authorized security testing: a dependency-free MCP stdio client, an engagement scope / rules-of-engagement gate (fail-closed), default-deny active tools, and a propose → approve → execute loop backed by an audit hash chain. 88% test coverage.

PythonMCPGovernanceFail-Closed
View on GitHub ↗

Speaking & research

Featured Talk SECON 2026 · New Jersey

Cleartext at the Edge

A Neptune R900 Case Study in RF Telemetry Exposure

Original, passive (receive-only) RF research: the Neptune R900 AMR water meter — millions deployed across North American utilities — broadcasts real-time usage, meter ID, and status in cleartext over the 902–928 MHz band, with no encryption or authentication, readable with under $100 of SDR hardware. The talk reframes RF as part of the attack surface — telemetry that never reaches a firewall, EDR, or SIEM, yet can enable occupancy inference and pattern-of-life surveillance. Findings were reported through a CISA-coordinated disclosure.

RF / SDRAMR / AMICyber-Physical SystemsResponsible Disclosure

Writing

Notes on OT/ICS security, RF and cyber-physical systems, risk methodology, and security-first AI.

Jun 29, 2026 5 min read Passing CompTIA SecAI+: Notes from the First Cohort CompTIA's AI-security certification launched in February 2026. A practitioner's honest read on what SecAI+ actually tests, where it bites, what it's good for, what it isn't — and why a named credential matters as AI security becomes its own discipline. May 26, 2026 6 min read Scaling Agentic AI Responsibly: Safeguards, Identity, and Governance One agent is a pilot; a hundred is an operating model. How to scale agentic AI without losing control — the autonomy dial, four safeguard layers, portfolio-scale lines of defense, non-human identity, and governance as a competitive differentiator. May 19, 2026 8 min read Implementing Agentic AI in the Enterprise: A Builder's Playbook Most agentic AI pilots stall on the implementation decisions around the model, not the model itself. A practical playbook for enterprise leaders — the five building blocks of an agent, build vs. buy vs. stack, human-in-the-loop thresholds, a three-week MVP, the new agent-manager role, and the AgentOps discipline that keeps it honest. May 12, 2026 5 min read Agentic AI in the Enterprise: Choosing Where to Start Before you build an agent, you need a position — what agentic AI actually is, where your organization really sits on the AI curve, and which workflow will teach you the most. A strategy-first guide to choosing where to start.

Advisory & consulting

Standards-aligned assessment that turns a sprawling environment into a clear, prioritized view of cyber risk — and a plan to reduce it. Available for select advisory engagements alongside my full-time work.

Site Cyber Risk Assessment

A structured, evidence-based assessment of a facility’s cyber risk posture across IT, OT, physical, third-party, GRC, and resilience — delivering scored findings and a residual-risk view leadership can act on.

OT / ICS Program Review

Evaluation of industrial control environments against ISA/IEC 62443 and NIST CSF 2.0, with control-maturity scoring and a gap analysis tied to real operational impact.

Remediation Roadmap

A prioritized, cost-aware roadmap that sequences mitigations by residual-risk reduction — so the highest-impact work happens first.

Frequently asked

Who is Rick Ramirez?
Rick Ramirez is a cybersecurity professional based in the New York City metropolitan area, working at the intersection of cyber-physical and AI security. He is a Lead Product Security Engineer at Johnson & Johnson and advises on securing OT/ICS, medical-device, and AI systems.
Where is Rick Ramirez based?
The New York City metropolitan area. He works with clients across the New York / New Jersey metro region and remotely.
What is Rick Ramirez's experience in AI security?
He holds CompTIA SecAI+, authored a vendor-neutral secure enterprise AI reference architecture, builds governed multi-agent AI systems with human-in-the-loop controls, and publishes a SecAI+ study video series. His focus is security architecture for AI — mapped to the OWASP LLM Top 10, NIST AI RMF, and MITRE ATLAS.
Is Rick Ramirez available for advisory or consulting engagements?
Yes — for select advisory and consulting engagements in cyber-physical and AI security, such as cyber risk assessment and OT/ICS program review. Email is the fastest way to reach him.

Let's talk

Open to advisory conversations about cyber-physical risk, product security, and securing AI systems. The fastest way to reach me is email.

Looking for my résumé? Email me and I’ll send it over.