TC-CS-Cyber Architecture- OT - Engineering-OT-Security -Manager

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

EY- Cyber Security (OT Security) – Technology Consulting – Manager
GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value.
 

The opportunity
The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who would develop, deliver and lead the delivery of Operational Technology (OT) security engagements with focus on development of proposals in this area, and develop OT security solutions. He/she will play a key role in help clients identify the security risk in the existing IT/OT environments, either through advisory and/or implementation support. He/ she will be responsible for driving activities within their own engagements, assign and schedule resources, and monitor deliverable progress. Our Managers also partake in building new solutions and reusable assets for the firm
 

Your key responsibilities
To qualify, candidates must have:   

• Help the firm identify opportunities and develop business across the globe
• Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT 
• Demonstrated consulting skills with OT-ICS industries (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc.)
• Ensure deliver of quality client services. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Stay abreast of current business and industry trends relevant to our clients
• Establish relationships with client personnel at appropriate levels
• Demonstrate capability to manage client expectations
• Build strong internal relationships within EY Consulting Services and with other services across the organization
• Demonstrate in-depth technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge
• Demonstrate and apply a thorough understanding of comprehensive range OT-ICS technologies. Use knowledge of the current technologies with IT and ICS convergence environment and trends to identify client service issues Contribute to people-related initiatives, including development, coaching, recruiting, training and retaining staff
• Maintain an educational program to continually develop personal skills of staff
• Understand and follow workplace policies and procedures
• Foster teamwork and lead by example 

Skills and attributes for success

• The OT Security Manager must display the following skills: 
  • The ability to guide and direct OT -ICS Security team members
  • The ability to work both in a management capacity, and in a detailed, hands-on capacity
  • Be experience in conducting security audit in OT environment. 
  • Be experienced in identifying and articulating vulnerabilities/ risks/ issues/ obstacles regarding security posture and configurations 
  • Ability to strategize at holistic level and detailed level to solve complex business and technology issues ensuring that the IT and business teams are aligned

• Interpersonal skills:
  • Self-motivated with the ability to work independently as well as with a team
  • Identify and effectively communicate issues
  • Strong stakeholder management skills 
  • Ability to liaison with other teams and business, representing the views of IT security
  • Exert influence through all levels of the program and stakeholder management
  • Negotiate resolutions which are satisfactory to all stakeholders
  • Effectively collaborate with multiple global teams
• Technical Skills
  • The OT Security Manager must display the following skills: 
  • Demonstrate knowledge in identifying threat, attack surface area and risk mitigation in OT environment 
  • Knowledge OSI layer and various protocols used at different layers 
  • Design and implement networking and security controls in OT environment 
  • Knowledge of OS (Windows / Linux) security, Database security and DLP systems  
  • Knowledge of cyber threats and vulnerabilities related to platform and infrastructure. 
  • Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by various industrial control systems.
  • Knowledge of various sensors and sensing devices and identify security issues related to them
  • Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP
  • Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, NIST standards on Cyber Security, HITRUST, etc. is a plus  
  • Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus

To qualify for the role, you must have

• BE - B. Tech / MCA / M. Tech / MBA with background in computer science and Industrial Automation 
• More than 12 Years of relevant experience
• Strong Excel and PowerPoint skills
• Demonstrated leadership abilities
• Excellent interpersonal, written, verbal, communication, and presentation skills
• Minimum B. Tech. or equivalent educational qualification 
• Prominent Cyber Security Certifications – CISSP, CISA, CISM, etc.  
• ISA/IEC 62443 Risk Assessment Specialist*
• Global Industrial Cyber Security Professional (GICSP)
• ISO31000 – Risk Management
• GIAC Penetration Tester (GPEN)
• Solution Operator Certifications (Palo Alto, Check Point , Microsoft , Armis , Nozomi.. ) 

What we look for

• A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills.
• An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide.
• Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries.

What working at EY offers

At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around.
• Opportunities to develop new skills and progress your career.
• The freedom and flexibility to handle your role in a way that’s right for you.

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.