EY Senior Manager Cyber Risk & Resilience Energy Natural Resources 

Canada, Alberta, Calgary 

38860883

We are actively seeking a seasoned Cybersecurity Professional to take on a position of Senior Manager within our Canadian cybersecurity consulting practice. Specializing in expertly managing risk across both IT and OT environments, particularly for our Energy and Natural Resource clients, you will play a pivotal role in safeguarding our clients' digital landscapes amidst the profound economic, business model, and technological transformations facing this sector.

Responsibilities

As the Senior Manager, you will be working closely with a diverse portfolio of clients in the energy and natural resource sectors and will assume a pivotal position in cultivating and managing relationships across each customer account. This involves conducting comprehensive needs analyses to discern clients' cybersecurity requirements and challenges, ultimately preparing customized cybersecurity solutions tailored to meet the specific needs of each client. Your client-facing responsibilities extend to delivering tangible outcomes for our clients. This involves overseeing the implementation of recommended solutions, coordinating cross-functional teams, and ensuring that proposed cybersecurity measures align with client expectations and industry standards. Your proactive approach to client engagement, coupled with your ability to comprehend and address their unique challenges, will be instrumental in solidifying EY's position as a trusted advisor in the cybersecurity domain for our clients. This role demands a strategic mindset, effective communication skills, and an unwavering commitment to delivering exceptional value to our clients in the dynamic landscape of cybersecurity.

In addition to client engagements, you will play a pivotal role in creating thought leadership within the cybersecurity domain. This involves staying abreast of industry trends, emerging threats, and innovative solutions. You will contribute to whitepapers, research papers, and other thought leadership initiatives, showcasing EY's expertise and establishing our position as a leader in the field.

Desired Qualifications:

• Extensive Cybersecurity Experience:A minimum of 10 years of hands-on experience in cybersecurity, demonstrating a proven track record of successfully leading and delivering complex cybersecurity projects.
• Industry Expertise:Specific experience in the energy sector, showcasing a deep understanding of the unique challenges and regulatory requirements that energy and natural resource clients face in Canada.
• Leadership Skills:Demonstrated ability to lead and manage diverse teams effectively. Proven experience in overseeing and mentoring consultants, fostering a collaborative team environment, and driving successful project delivery.
• Client Relationship Management:A track record of building and maintaining strong client relationships within the energy sector. Proven ability to understand client needs, provide strategic guidance, and deliver solutions that align with client objectives.
• Strategic Thinker:Strong strategic thinking capabilities, enabling the analysis of cybersecurity landscapes, anticipation of emerging threats, and provision of proactive solutions aligned with the long-term goals of both clients and the consulting practice.
• Innovative Problem Solver:Ability to think creatively and find innovative solutions to complex cybersecurity challenges, utilizing the latest technologies and best practices.
• Excellent Communication Skills:Strong verbal and written communication skills, with the ability to articulate complex cybersecurity concepts to both technical and non-technical stakeholders. This includes the capability to author compelling thought leadership pieces.
• Certifications:Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or other industry-recognized certifications would be highly desirable.
• Advanced Degree:A master's degree in a related field such as cybersecurity, information technology, or business administration would be advantageous.
• Security Clearance is preferred.

1. Cloud Security:
   • In-depth understanding of cloud platforms such as AWS, Azure, and Google Cloud.
   • Experience with securing cloud-based infrastructure, applications, and data.
   • Knowledge of cloud security best practices and compliance requirements specific to the energy sector.
2. OT (Operational Technology) Security:
   • Expertise in securing industrial control systems (ICS) and SCADA systems within the energy industry.
   • Understanding of unique challenges in OT environments and strategies to mitigate associated risks.
3. MDR/XDR (Managed Detection and Response/Extended Detection and Response):
   • Knowledge of MDR/XDR solutions and services, including threat detection, incident response, and proactive threat hunting.
   • Experience in implementing and managing MDR/XDR programs for energy clients.
4. Network Security:
   • Proficiency in designing and implementing robust network security architectures.
   • Knowledge of network protocols, firewalls, intrusion detection/prevention systems, and VPN technologies.
5. Endpoint Security:
   • Expertise in endpoint protection strategies, including antivirus, endpoint detection and response (EDR), and device management.
   • Experience in securing diverse endpoint devices within an organization.
6. ERP (Enterprise Resource Planning) Security:
   • Familiarity with ERP systems commonly used in the energy sector (e.g., SAP, Oracle).
   • Experience in securing ERP applications and databases, ensuring data integrity and confidentiality.
7. Identity and Access Management (IAM):
   • Understanding of IAM principles, including user authentication, authorization, and identity governance.
   • Experience in implementing IAM solutions to manage access to critical systems and data.
8. Incident Response and Forensics:
   • Knowledge of incident response methodologies and best practices.
   • Experience in digital forensics and the ability to investigate and analyze security incidents.
9. Regulatory Compliance:
   • Familiarity with cybersecurity regulations relevant to the energy sector in Canada.
   • Experience ensuring compliance with standards such as NERC CIP, CSAE 3416, and provincial regulations.
10. Emerging Technologies:
    • Awareness of emerging cybersecurity technologies and trends, such as AI/ML-driven security solutions and zero-trust architectures.

What we offer

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package allows you decide which benefits are right for you and which ones help you create a solid foundation for your future. Our Total Rewards package includes a discretionary bonus program, a comprehensive medical, prescription drug and dental coverage, a defined contribution pension plan, a great vacation policy plus firm paid days that allow you to enjoy longer long weekends throughout the year, statutory holidays and paid personal days (based on province of residence), and a range of exciting programs and benefits designed to support your physical, financial and social well-being. Plus, we offer:

• Support and coaching from some of the most engaging colleagues in the industry
• Learning opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

Make your mark. Apply today.