TC-Cyber Security-OT Security Specialist-Senior Manager

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Technology Consulting – Cyber

Senior Manager - Cyber Security- OT Security Specialist

General Information

Business Area: Tech Consulting – Cyber Security

Core skills: Lead OT Security Specialist

Contract Type: Full-Time – Permanent

As part of our Cyber Technology Consulting team, you will handle leading and managing OT securityengagements for clients across MENA region. You’ll work with high-profile organizations in energy, utilities, manufacturing, and other industrial sectors to assess, strengthen, and transform their OT security postures. This role offers the opportunity to collaborate across service lines and bring end-to-end cyber resilience to our clients’ industrial environments.

The opportunity

We’re looking for a Senior manager with hands-on expertise and experience in driving OT security engagements to join our EY GDS Cyber Technology Consulting team. This is a fantastic opportunity to be part of a leading firm, with a minimum of experience of 12-15 years.

Your key responsibilities 

• Lead and deliver OT security assessments, including risk assessments, architecture reviews, and maturity evaluations across SCADA, DCS, PLC, and ICS environments.
• Conduct OT/ICS-specific vulnerability assessments and support red/blue/purple team simulations in industrial networks.
• Develop customized OT cybersecurity roadmaps aligned with international standards (e.g., IEC 62443, NIST 800-82, NCA CCC, etc.).
• Interface with client stakeholders from operational, engineering, and executive teams to deliver technical findings and strategic recommendations.
• Support the development of OT security programs, policies, network segmentation strategies, and incident response playbooks tailored for industrial operations.
• Manage multiple concurrent engagements while ensuring quality delivery, client satisfaction, and timely completion.
• Collaborate with internal teams from advisory, IT cyber, and risk consulting for integrated service delivery.
• Develop detailed reports, articulate technical findings, and deliver actionable recommendations to both technical teams and executive stakeholders.
• Manage multiple engagements, ensuring timely delivery, quality assurance, and adherence to industry best practices.
• Stay updated with emerging cyber threats, vulnerabilities, and offensive security techniques, and incorporate these insights into client engagements
• Mentor and coach junior team members, fostering their technical and professional development. 
• Help develop/respond to go to market, RFP/RFI responses
• Practice building

Skills and attributes for success 

• Strong technical understanding of OT/ICS systems and cybersecurity challenges unique to industrial environments.
• Experience working with OT network protocols (Modbus, DNP3, OPC-UA, etc.) and devices (PLCs, RTUs, HMIs).
• Familiarity with industrial threat intelligence, attack vectors, and real-world OT incident case studies.
• Excellent communication and stakeholder management skills, especially in cross-functional industrial settings.
• Proven ability to interpret complex findings and translate them into actionable insights for both technical and non-technical audiences.
• Collaborating with other members of the engagement team to plan the engagement and develop work program timelines, risk assessments and other documents/templates.
• Ability to interpret complex technical results and present insights to business stakeholders.
• Strong analytical, problem-solving, and critical-thinking skills.
• Excellent communication and collaboration skills
• Deep technical understanding of offensive security methodologies, including network penetration testing, web application testing, and adversary simulation.
• Strong knowledge of OT security frameworks (e.g., IEC 62443). 

 To qualify for the role, you must have 

• A bachelor's or master’s degree in information technology, cyber security etc.
• Excellent communication skills with a consulting mindset
• Skills across OT cybersecurity, ICS/SCADA security, or related areas.
• 6-7    years of experience in technical OT security assessments
• Excellent communication skills with a consulting mindset.
• Ability to travel to the MENA region

Ideally, you’ll also have 

• Industry-recognized certifications (e.g., IEC 62443, NIST 800-82, NCA OTCC, SANS ICS).
• Experience in OT security engagements
• Certifications such as GICSP, ISA/IEC 62443, GRID, or equivalent.
• Experience supporting or responding to OT cyber incidents or implementing cybersecurity controls in industrial networks.

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.