EY GDS Consulting Cyber Security - OT/IoT Management Senior Analyst 

Philippines, Taguig 

793162349

• Implement and maintain compliance with NIST CSF, ISA/IEC 62443, NIST SP 800-82, and other relevant cybersecurity frameworks.
• Conduct regular assessments to evaluate the effectiveness of security controls and compliance with established frameworks.
• Perform risk assessments to identify vulnerabilities and threats within OT environments.
• Develop risk management strategies and mitigation plans to address identified risks.
• Assess the current security posture of OT systems and networks.
• Provide recommendations for improvements based on industry best practices and regulatory requirements.
• Develop and maintain GRC policies, procedures, and documentation.
• Ensure that OT security policies align with organizational goals and regulatory requirements.
• Advocate for and assist in the implementation of Zero Trust principles within OT environments.
• Evaluate and recommend technologies and practices that support a Zero Trust security model.
• Participate in incident response planning and execution for OT security incidents.
• Collaborate with IT and security teams to investigate and remediate security incidents.
• Work closely with cross-functional teams, including IT, engineering, and operations, to ensure a cohesive approach to OT security.
• Communicate findings and recommendations to stakeholders at all levels of the organization.
• Stay current with emerging trends, threats, and technologies in OT security.
• Recommend and implement continuous improvement initiatives to enhance the security posture of OT systems.

• Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or a related field. Master’s degree preferred.
• Minimum of 3-5 years of experience in OT security, cybersecurity, or a related field.
• Hands-on experience with NIST CSF, ISA/IEC 62443, NIST SP 800-82, and Zero Trust frameworks.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are preferred.
• Strong understanding of OT environments, including SCADA, PLCs, and industrial control systems.
• Familiarity with security tools and technologies used in OT environments.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to work collaboratively in a team environment.
• Detail-oriented with a strong commitment to quality and compliance.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.