Cyber SDC - OT Network Security Architecture & Governance - Senior - Consulting - Location Open

As an OT Senior Network Security Architecture & Governance professional, you will be responsible for providing operational support for the client's current referenced architecture, overseeing and governing operational technology (OT) systems to enhance security and ensure overall compliance. You support the manager and work within a team of experts to ensure that OT architectures align with organizational goals and industry standards, promoting secure and efficient operations.

JOB SUMMARY:

We are seeking a highly skilled and detail-oriented OT Network Security (Senior) Architecture & Governance Cyber Solution Analyst to join our Operational Technology (OT) team. This role is pivotal in driving architectural integrity, governance compliance, and effective defect and issue resolution across OT environments.

• In the role of OT Senior Architecture & Governance, you will support the OT manager by providing architecture oversight and approvals for OT systems, VLANs, and controls, ensuring that all designs and implementations meet security, compliance, and operational requirements. Additionally, you will assist in overall operations, reporting focusing on processes, milestones, and deliverables.
• The primary purpose of this role is to operationalize existing processes and develop standard work supporting best practices around OT Cybersecurity. In addition, you will help establish governance frameworks and best practices that guide the development and deployment of OT solutions in adherence to regulations and inertial audit efforts.  You will collaborate with cross-functional teams to assess architectural designs, provide recommendations, and facilitate decision-making processes that enhance the overall security and efficiency of OT environments.

 Key Responsibilities

• Review and validate OT system designs for alignment with enterprise architecture standards.
• Maintain and evolve governance frameworks, SOPs, and documentation.
• Support change review boards and architecture decision forums.
• Collaboration & Communication
• Partners with OT architects, system owners, cybersecurity teams, and DECA to resolve issues.
• Provide guidance and support to site teams on governance and defect-related matters.
• Communicate clearly across technical and non-technical audiences.
• Continuous Improvement
• Identify gaps in current documentation and propose updates.
• Contribute to the development of standard work and LEAN process improvements.

• Provide architecture oversight for OT systems, ensuring alignment with organizational goals and industry standards.
• Review and approve architectural designs and implementations for OT solutions, focusing on security, compliance, and operational efficiency.
• Establish governance frameworks and best practices for OT architecture and design processes.
• Collaborate with cross-functional teams to assess architectural designs and provide recommendations for improvements.
• Facilitate decision-making processes related to OT architecture, ensuring stakeholder alignment and buy-in.
• Conduct risk assessments and impact analysis for proposed changes to OT systems and architectures.
• Stay current with emerging trends, technologies, and regulatory requirements in the OT space to inform governance practices.
• Develop and maintain documentation related to OT architecture standards, guidelines, and governance processes.

Technical Skills

• Experience  and knowledge on Operational Technology (OT)  environments and governance
• Strong familiarity, background, and/or and understanding of manufacturing, shopfloor, ICS, building management, or other OT environments - and their associated safety, quality, and production considerations
• Experience with Security architecture design and assessment of technologies such as SaaS, PaaS, IaaS, AI/ML, ZTA etc.
• Familiarity with cybersecurity frameworks, including NERC CIP, NIS, CIS, NIST CSF, ISO 27001, ISA/IEC 62443
• Security controls, such as firewalls, IDS/IPS, encryption, and access management.
• Strong familiarity with networking concepts:  TCP/IP networking (Network segmentation, VLANs, network tapping/RSPAN, L2/L3 protocols, encryption, VPN, etc.)
• Familiarity with equipment for internal and external access (H/W servers, switches, routers, firewalls, load balancers, HSM, etc.) from various manufacturers (HPE, Lenovo, Cisco, Fortinet, Checkpoint
• Knowledge of Identity and Access Management concepts (e.g., PAM, AD, PKI), Zero Trust, infrastructure security, etc.
• Familiarity with endpoint protection including application whitelisting
• Technical background and familiarity with different types of technologies across multiple domain areas (database, cloud, application management, etc.)
• Risk-based Mindset
• ServiceNow and AuditBoard usage experience

Soft Skills

• Ability to analyze and resolve problems. Demonstrated ability to lead programs / projects.
• Ability to document, plan, market, and execute programs. Established project management skills.
• Ability to work directly with Product Owners, explain technical architecture requirements, and answer technical architecture questions
• Ability to lead calls with Product Owners and client stakeholders and clearly articulate review reasoning and rationale
• Multitasking between multiple projects (tickets) at once and being able to close in a timely manner based on priorities.

What we look for

We are looking for people who strive to lead themselves, their teams, and their communities, people who can foster effective team work to drive results.  We’re interested in authentic communicators with the ability to collaborate with EY colleagues across various teams who want to develop personally and professionally in a dynamic organization.