Apply now »

Technology Consulting (Cyber) - ICS/OT Security Manager

Location:  Dublin 2
Other locations:  Primary Location Only
Salary: Competitive
Date:  Feb 1, 2023

Job description

Requisition ID:  32001

EY’s cyber security practice is one of the fastest growing areas of the business with significant ambition for the future through additional recruitment and acquisition. As part of our cyber team, you will provide advisory and technical support to help our clients improve their cyber security posture and respond to the dynamic nature of cyber security threats. You will provide security domain expertise and utilise your business insight to work closely with our clients to advise, design, build and deploy pragmatic security solutions that will provide real and tangible benefits to protect their organisations.


Key activities for this role include the following:


As an ICS / OT security manager, you will help our clients to guide them to a higher cyber security maturity in their production, manufacturing, utilities, and other environments. As a manager, you will provide advisory and technical expertise to help our clients to securely design and deploy industrial control systems and operational technology. You will lead security analysis of the architecture and infrastructure of Industrial Control Systems (SCADA / DCS / DMS/ IIoT). You will design and implement cyber security solutions for Industrial Control Systems. You will lead ICS security projects within a security transformation programme. Your job will also include developing and aligning organisations to ICS/OT Security Frameworks, based on industry best practices as well as international and applicable national standards.


Your role may also include:

  • Leading in the analysis and implementation of IT and OT Security Solutions to meet customer requirements
  • Creation and maintenance of cybersecurity reference architectures in line with industry best practice
  • Reviewing and developing security strategies, policies, standards, and processes
  • Security Operation Centre, Build and operate
  • Review and assessment of our client’s security posture in line with emerging threats and assess the risk that these may pose
  • Working in interesting environments including large Enterprise, Cloud, Operational Technology and IoT
  • Assessment of security requirements to meet control objectives and risk appetite
  • OT security monitoring including converged elements of Security Operations Management, SOC assessment, and implementation
  • Working on Threat and Vulnerability Management for OT systems and environments
  • OT Security Incident Response support and investigations
  • Security Engineering including IT and OT security
  • Identification and research of security solutions for use with clients
  • Leading teams to deliver security change in complex organisations
  • Contributing to business development


You will have some or all the following skills and experience:

  • OT Security Governance & Management
  • Deep understanding and experience with NIS directive compliance and programme management
  • OT Infrastructure and Network Security (experience of Purdue model)
  • OT Security Design, Architecture and Engineering,
  • Security Architecture
  • Identity and Access Management/ Privileged Access Management
  • Security Project management and delivery experience
  • Technical security implementation
  • Security qualifications including CISSP, GICSP, CISM, CISA, ISO 27001, PCI DSS, SABSA, CCSP, etc.
  • Project Management (ideally Prince2 Certified)
  • 5-10 years of relevant experience
  • > 5 years in-depth experience of securing Industrial Control Systems (ICS) such as PLC, SCADA, DCS, Serialisation solutions
  • Higher Degree (Bachelor or Master) in Automation, Electronics, Engineering or Computer Science (IT)
  • Knowledge and experience (designing, commissioning, or maintaining) ICS systems:  SCADA, EMS, DCS, or PLC. Experience in supporting or troubleshooting industrial protocols such as Modbus TCP, HART, OPC, etc.
  • Knowledge of multiple security standards e.g.:  IEC 62443/ISA 99, NIST SP 800-82, NERC CIP.
  • A passion for Cybersecurity together with a drive for continuous self-development.
  • Strong communication skills (written and verbal) for both technical and non-technical audiences.
  • Strong understanding of physical security requirements including sector-specific requirements
  • Experience in a professional’s services firm is an advantage

Apply now »