EY Cyber OT Security - EY GDS Hybrid 

Spain, Andalusia, Málaga 

622010023

Your key responsibilities:You will be participating in OT Cybersecurity projects helping to our customers to secure their critical infrastructure. Designing, developing and implementing security measures and controls helping to improve their cybersecurity posture. As Senior OT Security Consultant you need to be able to discuss with different stakeholder level and conduct technical discussions understanding the business requirements.

Recommended skills:

• Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus
• Nice to have experience conducting OT Security Assessments.
• Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT/ICS systems and networks
• Knowledge of the technical security solutions utilized within OT/ICS systems and networks (Network Segmentation, Defence in depth, Zero Trust)
• Knowledge about Cybersecurity Technologies/Solutions like IDS/IPS, SIEM, NGFW.
• Knowledge of OT/ICS Security standards, frameworks and normatives, including ISA/IEC 62443, NIST 800-82, NIST-CSF, NERC-CIP, NIS2 directive.

To qualify for the role, you must have

• 3+ years of experience in the Cyber Security or OT Security Domain
• At least one OT Security related certifications (e.g. ISA/IEC62443, GICSP, CCNA, CISSP, CISA, CISM, or equivalent (technology-based))
• Strong understanding of security-related operational processes in OT-ICS environments
• Strong knowledge of cyber / information security concepts, risk and controls concepts
• Strong knowledge of both Microsoft and Linux operating systems to a good extend
• Strong knowledge of IT infrastructure and Networking, including Firewalls and IDS/IPS
• Strong knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts
• Knowledge of cyber threats and vulnerabilities related with OT infrastructure (OS, Network, OT-specific equipment)
• Exposure/hands-on to IOT/OT monitoring solutions (Claroty, Nozomi Networks, Armis, Azure IoT Defender etc.)
• Knowledge and hands on with Cyber Security Assessment

Ideally, you’ll also have:

• Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, NIST standards on Cyber Security, HITRUST, etc. is a plus
• Knowledge on new disruptive technologies such as the Internet of Things (IoT), AI.