Your key responsibilities
- Acting as a member of the security operation centre with specific responsibility for the Operational Technology (OT) cyber security
- Provide operational support for globally deployed enterprise deployment of OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender.
- Coordinates with operational team to assess the security of OT and Industrial Internet of Things (IIoT) systems.
- Assist in collecting network or security log files.
- Serves as the primary technical analyst for the OT Network Monitoring service offering.
- Work directly with various organizational team(s) to help analyse OT & IIoT network traffic patterns
- Assist in implementing improvements in cybersecurity threat monitoring, attack response methods, and incident response plans
- In coordination with the Cyber Security team and other structures, be able to respond to the CSIRT and associated emergency preparedness procedures
- Conduct and Participate in Cyber Incident Response exercises
- Validate Security controls policies based on incidents and threat intelligence.
- Participate in OT security incident response.
- Conduct hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP).
- Establish strong working relationships with manufacturing sites and related personnel to drive recommendations to improve the Cybersecurity posture.
Skills and attributes for success
- Knowledge of a relevant OT Cyber Framework such as NIST 800-82 or ISA62443.
- Experience and expertise in control systems (ICS, SCADA, DCS, etc.) and OT, IIoT security
- In-depth knowledge and understanding of how to handle and respond to OT security incidents as part of a specialised incident response team
- Strong working knowledge and thorough understanding of Protective Monitoring, Vulnerability Monitoring, Threat Intelligence and Threat Hunting within OT data
- Knowledge and understanding of a wide variety of security technologies and processes
- Up-to-date knowledge of current exploit techniques, vulnerability disclosures, data breach incidents, and security analysis techniques, combined with the understanding of the potential OT impact on the security posture
- Working knowledge of cybersecurity policies and standards related to ICS/SCADA, OT/IIoT Security solutions (e.g. Industrial IDS, Industrial Firewall etc.)
- Knowledge and understanding of the OT world as related to different components such as HMI, PLC etc.)
- Knowledge and understanding of tools used to protect industrial environment
- Understanding of IT/OT/IIoT communication protocols e.g., TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, BLE, Zigbee
- Experience supporting industrial protocols such as OPC, Modbus TCP, HART, Foundation Fieldbus
- Understand and be hands on, able to work with a wide range of Cyber Security related toolsets, SIEM, EDR/MDR, Vulnerability management, Microsoft and Linux operating systems, Firewalls, IDS/IPS to name a few
- Ability to work with minimal levels of supervision or oversight.
- Exposure to IIOT/OT monitoring solutions (Claroty, Nozomi Networks, Armis, Azure Defender etc.)
- Good knowledge and experience in Security Monitoring and Cyber Incident Response
To qualify for the role, you must have
- B. Tech./ B.E/M.Tech/M.E with sound technical skills
- Strong command on verbal and written English language.
- Demonstrate both technical acumen and critical thinking abilities.
- Strong interpersonal and presentation skills.
- 5+ years’ overall experience in cyber security with 2+ previous experience supporting cyber defence analysis of Operational Technology (OT).
- Relevant certifications (Security +, GCIA, GCIH, GMON, GICSP, GRID, GCCC etc.)
Ideally, you’ll also have
- People/Project management skills.
At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.