Director - Risk - Cyber Security - TMT
EY is seeking an experienced and passionate Cyber OT (Operational Technologies), Industrial Control Systems (ICS) security and / or IoT expert to join a world leading practice focused on protecting mission critical systems and national critical infrastructures. This role is a critical part of an operational service to protect some of the world's leading organizations from Cyber threats that span more than just IT. The successful candidate will work closely with the regional cyber leadership. The candidate is expected to possess strong knowledge and skills on OT/ICS security
As Manager/Senior Manager in Cyber security, you'll build valued relationships with external clients and internal peers and develop a portfolio of business by focusing on high impact opportunities. You'll lead presentations and design proposals for moderately complex projects - or for elements of highly complex projects - and provide subject matter insight to bids and proposals.
Drawing on your skills and experience, you'll create innovative commercial insights for clients, adapt methods and practices to fit operational team and cultural needs, and contribute to thought leadership. In addition, you'll package overall project findings into clear, concise, high-quality work products. Acting as a subject matter resource on one or more services, you'll leverage knowledge and experience to shape Ernst & Young's services to meet client problems.
By driving improvements in business processes, you will lead all aspects of EY's Cyber Security Go To Market for OT/ICS plans for the selected country/region. While reporting to the MENA Cyber Security leadership, you will be the liaison for local sector teams and work closely with them and other Information Security colleagues to monitor the implementation of the Information Security strategy and Go to Market plan. Your other main responsibilities would be to serve as a subject matter expert for OT/ICS Cyber Security topics applicable to EY's Cyber Security Strategy.
As a respected senior professional, you'll communicate effectively with EY's engagement partners and managers and work to build, manage and motivate high-performing teams. You'll also help key staff to build sustainable competencies. Business responsibilities
Technical skills requirements
- Participate in and, as required, lead cyber Security transformational and long term strategic engagements
- Be able to provide thought leadership and advocate innovative cyber security offerings
Meeting short term as well as long term needs for national critical infrastructures
- Manage the financial aspects of client engagements and communicate significant issues, fees, and estimates-to-complete to partners and clients
- Help partners generate new business opportunities and build client networks and relationships
- Understand all Ernst & Young service offerings and actively identify opportunities to better serve clients
- Build strong internal relationships within Ernst & Young Advisory Services and with other services across the organization.
You will have at minimum 8 years of experience in Information security and OT/ICS cyber security preferably within the Oil and Gas, Power and Utilities Sectors with subject matter expertise:
- Solid Knowledge of the OT and ICS security domain
- Solid experience in ICS/OT products and technologies, hardware and software including, but not limited to Honeywell, GE, Siemens and ABB product families and platforms
- Strong understanding of the complex and sensitive nature of ICS/SCADA environments
- Capable of Evaluating the cyber and safety risks to SCADA, DCS, Smart Grids, DMS, and ECS systems architectures
- Solid understanding of the relevant industries production processes and operational procedures
- Solid knowledge of Industrial networking protocols security such as DNP3, Modbus, Profinet, ZigBee..etc.
- In depth endpoint OS and Server OS knowledge
- Strong analytical and problem solving skills
- Knowledge of OT Capable SIEMs and OT Cybersecurity products such as (Leidos, Tofino, Nozomi, Security matters, Nextnine...etc) and security events logging and monitoring technologies and platforms such as Splunk, Arcsight, QRadar or others
- Experience in deploying or managing deployments of unidirectional firewalls, host based firewalls, Anti-Malware, HIDS in plant and operational environments
- Awareness of End point protection tools, hardening techniques and platforms such as CarbonBlack, Symantec, McAfee or others
- Solid understanding of applicable best practices and security standards such as NERC-CIP, ISA99 (IEC 62443), NIST 800-82, Qatar's National ICS security standard, NESA,...etc
- Internationally recognized technical certifications in relevant areas
- Good understanding of plant Process systems, plant safety and plant integrity systems and solutions.
What we look for
- Bachelor's degree in Electronics Technology, Computer Engineering, Electrical engineering, mechatronics or similar specialization in the electronics, PLC, wireless (radio), networking, and/or ICS technology field
- Demonstrated track record with a blue-chip consulting organization and/or a blue-chip organization
- Demonstrated experience in business development and account management
- Relevant professional qualifications such as CISSP, GICSP, ISA99, ISO 27001, CCSA, CCSE, CCSP, EC-Council Ethical Hacker.
You'll need to be highly motivated, a self-starter and a strong communicator with the ability and experience to discuss technical content in business language to board level. You'll also need to be a team player who is not only looking to enhance their own career, but recognises the value in developing others and strengthening the team. What working at EY offers
We offer a competitive compensation package where you will be rewarded based on your performance and recognised for the value you bring to the business. We also offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that's right for you
As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Build your legacy with us Apply now.