TC-CS-Cyber Architecture- OT and Engineering-OTSecurity-Senior

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

EY- Cyber Security (OT Security - IAM) – Technology Consulting – Senior
GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value.
 

The opportunity
The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT)Identity and Access Management (IAM) security engagements, development of proposals in this area, and develop OT IAM security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support.
 

Your key responsibilities
To qualify, candidates must have: 

• Understanding of security-related operational processes in the OT-ICS environments
• Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks
• Knowledge of Purdue reference model used for ICS Security
• Exposure across one or more of the following OT IAM areas: Identity Governance; Access Management; Privileged Access Management; Remote access management; Physical access management; IT/OT AD management and worked with one or more of the following IAM technologies: SailPoint; Saviynt, CyberArk; Azure AD; OneIdentity, BeyondTrust, Okta; Ping, ForgeRock, Claroty, Fortinet and Zscaler.
• OT IAM business analysis experience; requirements gathering and use case development
• OT IAM assessment, strategy and roadmap development
• OT IAM controls governance frameworks over processes, controls, organisation and infrastructure
• Experience managing and coaching others in the development and delivery of complex client solutions and/or OT IAM proposition development
• Design experience for OT  IAM solutions on client transformations
• Knowledge of different network components such (Switch, Routers, Firewalls) and their configurations. CCNA certified will be an added advantage.
• Prior experience of network segmentation (as per ISA 62443, Purdue model) will be an added advantage
• Knowledge of cyber / information security concepts, risk and controls concepts 
• Understanding of aspects of functional safety (SIS)
• Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts
• Knowledge of the technical security solutions utilized within OT-ICS systems and networks
• Knowledge of OS (Windows / Linux) security, Database security  
• Knowledge of IT infrastructure
• Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus   
• Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus
• Prior experience of working on industrial control systems and industrial protocols such as Modbus, Profibus, Profinet etc.
• Familiar with Microsoft tools such as Microsoft Excel, Microsoft Project, and Microsoft Visio (for network diagram creation)
• Creation of network diagrams for network segmentation implementation using Microsoft Visio. 

Skills and attributes for success

• Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields
• Certificates or education related to industrial automation / engineering etc.
• Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP
• Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender.
• Project management experience on IAM solution deployments (waterfall and/or agile)
• Professional services experience working as a consultant with market leading organisations in the delivery of their OT IAM solutions
   

To qualify for the role, you must have

• 5+ years of experience in the Cyber Security and OT Security Domain 
• Minimum B. Tech. or equivalent educational qualification 
• ISA/IEC 62443 Fundamental*
• SCADA Fundamentals
• CompTIA Network+
• CompTIA Security+

What we look for

• A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills.
• An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide.
• Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries

What working at EY offers

At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.