- Help the firm identify opportunities and develop business across the globe
- Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT
- Demonstrated consulting skills with OT-ICS industries (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc.)
- Ensure deliver of quality client services. Monitor progress manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Stay abreast of current business and industry trends relevant to our clients
- Establish relationships with client personnel at appropriate levels
- Demonstrate capability to manage client expectations
- Build strong internal relationships within EY Consulting Services and with other services across the organization
- Demonstrate in-depth technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge
- Demonstrate and apply a thorough understanding of comprehensive range OT-ICS technologies. Use knowledge of the current technologies with IT and ICS convergence environment and trends to identify client service issues Contribute to people-related initiatives, including development, coaching, recruiting, training and retaining staff
- Maintain an educational program to continually develop personal skills of staff
- Understand and follow workplace policies and procedures
- Foster teamwork and lead by example
Skills and attributes for success
- The OT Security Manager must display the following skills:
- The ability to guide and direct OT -ICS Security team members
- The ability to work both in a management capacity, and in a detailed, hands-on capacity
- Be experience in conducting security audit in OT environment.
- Be experienced in identifying and articulating vulnerabilities/ risks/ issues/ obstacles regarding security posture and configurations
- Ability to strategize at holistic level and detailed level to solve complex business and technology issues ensuring that the IT and business teams are aligned
- Interpersonal skills:
- Self-motivated with the ability to work independently as well as with a team
- Identify and effectively communicate issues
- Strong stakeholder management skills
- Ability to liaison with other teams and business, representing the views of IT security
- Exert influence through all levels of the program and stakeholder management
- Negotiate resolutions which are satisfactory to all stakeholders
- Effectively collaborate with multiple global teams
- Technical Skills
- The OT Security Manager must display the following skills:
- Demonstrate knowledge in identifying threat, attack surface area and risk mitigation in OT environment
- Knowledge OSI layer and various protocols used at different layers
- Design and implement networking and security controls in OT environment
- Knowledge of OS (Windows / Linux) security, Database security and DLP systems
- Knowledge of cyber threats and vulnerabilities related to platform and infrastructure.
- Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by various industrial control systems.
- Knowledge of various sensors and sensing devices and identify security issues related to them
- Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP
- Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, NIST standards on Cyber Security, HITRUST, etc. is a plus
- Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus
To qualify for the role, you must have
- BE - B. Tech / MCA / M. Tech / MBA with background in computer science and Industrial Automation
- More than 12 Years of relevant experience
- Strong Excel and PowerPoint skills
- Demonstrated leadership abilities
- Excellent interpersonal, written, verbal, communication, and presentation skills
- Minimum B. Tech. or equivalent educational qualification
- Prominent Cyber Security Certifications – CISSP, CISA, CISM, etc.
- ISA/IEC 62443 Risk Assessment Specialist*
- Global Industrial Cyber Security Professional (GICSP)
- ISO31000 – Risk Management
- GIAC Penetration Tester (GPEN)
- Solution Operator Certifications (Palo Alto, Check Point , Microsoft , Armis , Nozomi.. )
What we look for
- A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills.
- An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide.
- Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries.
At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
- Support, coaching and feedback from some of the most engaging colleagues around.
- Opportunities to develop new skills and progress your career.
- The freedom and flexibility to handle your role in a way that’s right for you.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.