Ernst & Young Advisory Services Sdn Bhd
TC-CS-Cyber Architecture- OT - Engineering-OT-Security -Manager
Ernst & Young Advisory Services Sdn Bhd, Palo Alto, California, United States, 94306
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.EY- Cyber Security (OT Security) – Technology Consulting – ManagerGDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value.The opportunityThe GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to managing security risks. The AEET team is looking for individuals who would develop, deliver and lead the delivery of Operational Technology (OT) security engagements with focus on development of proposals in this area, and develop OT security solutions. He/she will play a key role in helping clients identify the security risk in the existing IT/OT environments, either through advisory and/or implementation support. He/she will be responsible for driving activities within their own engagements, assigning and scheduling resources, and monitoring deliverable progress. Our Managers also partake in building new solutions and reusable assets for the firm.Help the firm identify opportunities and develop business across the globe.Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT.Demonstrated consulting skills with OT-ICS industries (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, etc.).Ensure delivery of quality client services. Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Stay abreast of current business and industry trends relevant to our clients.Establish relationships with client personnel at appropriate levels.Demonstrate capability to manage client expectations.Build strong internal relationships within EY Consulting Services and with other services across the organization.Demonstrate in-depth technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge.Demonstrate and apply a thorough understanding of comprehensive range OT-ICS technologies. Use knowledge of the current technologies with IT and ICS convergence environment and trends to identify client service issues. Contribute to people-related initiatives, including development, coaching, recruiting, training and retaining staff.Maintain an educational program to continually develop personal skills of staff.Understand and follow workplace policies and procedures.Foster teamwork and lead by example.Skills and attributes for successThe OT Security Manager must display the following skills:
The ability to guide and direct OT -ICS Security team members.The ability to work both in a management capacity, and in a detailed, hands-on capacity.Experience in conducting security audits in OT environments.Experience in identifying and articulating vulnerabilities/ risks/ issues/ obstacles regarding security posture and configurations.Ability to strategize at holistic level and detailed level to solve complex business and technology issues ensuring that the IT and business teams are aligned.
Interpersonal skills:
Self-motivated with the ability to work independently as well as with a team.Identify and effectively communicate issues.Strong stakeholder management skills.Ability to liaise with other teams and business, representing the views of IT security.Exert influence through all levels of the program and stakeholder management.Negotiate resolutions which are satisfactory to all stakeholders.Effectively collaborate with multiple global teams.
Technical Skills
The OT Security Manager must display the following skills:Demonstrate knowledge in identifying threat, attack surface area and risk mitigation in OT environment.Knowledge of OSI layer and various protocols used at different layers.Design and implement networking and security controls in OT environment.Knowledge of OS (Windows / Linux) security, Database security and DLP systems.Knowledge of cyber threats and vulnerabilities related to platform and infrastructure.Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by various industrial control systems.Knowledge of various sensors and sensing devices and identify security issues related to them.Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP.Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, NIST standards on Cyber Security, HITRUST, etc. is a plus.Knowledge of tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus.
To qualify for the role, you must haveBE - B. Tech / MCA / M. Tech / MBA with background in computer science and Industrial Automation.More than 12 Years of relevant experience.Strong Excel and PowerPoint skills.Demonstrated leadership abilities.Excellent interpersonal, written, verbal, communication, and presentation skills.Prominent Cyber Security Certifications – CISSP, CISA, CISM, etc.Global Industrial Cyber Security Professional (GICSP).Solution Operator Certifications (Palo Alto, Check Point, Microsoft, Armis, Nozomi..).What we look forA team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills.An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide.Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries.What working at EY offersAt EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:Support, coaching and feedback from some of the most engaging colleagues around.Opportunities to develop new skills and progress your career.The freedom and flexibility to handle your role in a way that’s right for you.EY | Building a better working worldEY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
#J-18808-Ljbffr
The ability to guide and direct OT -ICS Security team members.The ability to work both in a management capacity, and in a detailed, hands-on capacity.Experience in conducting security audits in OT environments.Experience in identifying and articulating vulnerabilities/ risks/ issues/ obstacles regarding security posture and configurations.Ability to strategize at holistic level and detailed level to solve complex business and technology issues ensuring that the IT and business teams are aligned.
Interpersonal skills:
Self-motivated with the ability to work independently as well as with a team.Identify and effectively communicate issues.Strong stakeholder management skills.Ability to liaise with other teams and business, representing the views of IT security.Exert influence through all levels of the program and stakeholder management.Negotiate resolutions which are satisfactory to all stakeholders.Effectively collaborate with multiple global teams.
Technical Skills
The OT Security Manager must display the following skills:Demonstrate knowledge in identifying threat, attack surface area and risk mitigation in OT environment.Knowledge of OSI layer and various protocols used at different layers.Design and implement networking and security controls in OT environment.Knowledge of OS (Windows / Linux) security, Database security and DLP systems.Knowledge of cyber threats and vulnerabilities related to platform and infrastructure.Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by various industrial control systems.Knowledge of various sensors and sensing devices and identify security issues related to them.Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP.Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, NIST standards on Cyber Security, HITRUST, etc. is a plus.Knowledge of tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus.
To qualify for the role, you must haveBE - B. Tech / MCA / M. Tech / MBA with background in computer science and Industrial Automation.More than 12 Years of relevant experience.Strong Excel and PowerPoint skills.Demonstrated leadership abilities.Excellent interpersonal, written, verbal, communication, and presentation skills.Prominent Cyber Security Certifications – CISSP, CISA, CISM, etc.Global Industrial Cyber Security Professional (GICSP).Solution Operator Certifications (Palo Alto, Check Point, Microsoft, Armis, Nozomi..).What we look forA team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills.An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide.Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries.What working at EY offersAt EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:Support, coaching and feedback from some of the most engaging colleagues around.Opportunities to develop new skills and progress your career.The freedom and flexibility to handle your role in a way that’s right for you.EY | Building a better working worldEY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
#J-18808-Ljbffr