Manager, Cybersecurity Risk Advisory - Industrials and Energy

at  EY

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

THE OPPORTUNITY

Join EY’s dynamic Cybersecurity practice and take a key role in our Cyber Risk & Resilience team, delivering high-impact assessment services across the Industrials and Energy sectors in Canada. In this role, you will oversee and deliver IT and OT cybersecurity risk management offerings, continuously refining our portfolio to ensure they align with evolving industry needs. This is an excellent opportunity for someone passionate about delivering high-quality risk management services while helping shape innovative solutions for the future of cybersecurity.
You will manage client engagements, support business development efforts, and foster strategic alliances with key partners. Additionally, you will explore new areas, including capital projects and M&A, to expand the scope of traditional cybersecurity assessments. We’re seeking a leader who strives for excellence in every assessment, understanding that strong assessments are fundamental to effective cyber risk management.

SKILLS AND ATTRIBUTES FOR SUCCESS

Consulting and Leadership Experience

• Proven experience leading cybersecurity risk assessments, particularly in IT and OT environments within the Industrials and Energy sectors.
• Strong client management skills with a demonstrated ability to navigate complex client environments and deliver high-value outcomes.
• Experience managing multi-disciplinary teams to ensure timely, high-quality delivery of projects.

Cybersecurity Expertise

• In-depth knowledge of cybersecurity frameworks and standards (e.g., NIST, IEC 62443) relevant to IT and OT security.
• Expertise in developing and enhancing cybersecurity risk assessment methodologies.
• Familiarity with emerging technologies and cybersecurity trends, with a focus on innovation and continuous improvement.

Industry Expertise

• Strong understanding of the cybersecurity challenges facing Industrials and Energy companies, including IT/OT convergence, regulatory compliance, and operational resilience.
• Proven track record of delivering risk assessments tailored to the specific needs of these sectors.

Business Development

• A successful track record in identifying and developing new business opportunities.
• Experience leading proposals, responding to RFPs, and drafting Statements of Work (SOWs) that clearly define project scope and deliverables.
• Commitment to building long-lasting client relationships and expanding service offerings.

Innovation and Growth Mindset

• A proactive and innovative mindset, always looking for ways to enhance service offerings and deliver better outcomes for clients.
• Experience collaborating with external partners to co-create solutions and expand the cybersecurity risk assessment market.
• Strong interest in contributing to the continuous growth and development of the practice.

YOUR KEY RESPONSIBILITIES

Client Engagement and Risk Assessment Delivery

• Lead IT and OT cybersecurity risk assessments across the Industrials and Energy sectors, ensuring tailored, high-quality solutions that address clients’ specific needs.
• Act as a key point of contact for clients, managing relationships and ensuring that projects meet expectations and deliver value.
• Continuously enhance assessment methodologies to reflect best practices and drive meaningful improvements for clients.

Innovation and Offering Development

• Contribute to the development of new cybersecurity assessment offerings by leveraging emerging technologies and fostering innovation.
• Collaborate with strategic partners, including insurance companies, to create new solutions that expand the value of our risk assessments.
• Explore non-traditional areas, such as capital projects and M&A, to broaden the scope of our cybersecurity assessment services.

Business Development and Growth

• Identify and pursue new business opportunities within the Industrials and Energy sectors, helping to expand EY’s market presence.
• Collaborate with leadership on go-to-market strategies and proposal development, positioning EY as a leader in cybersecurity risk management.
• Support the achievement of business development goals by building and maintaining strong client relationships.

Leadership and Team Development

• Lead a team of professionals dedicated to delivering high-quality cybersecurity risk assessments, fostering a culture of excellence and continuous improvement.
• Provide mentorship and guidance to team members, encouraging professional growth and collaboration.
• Contribute to the overall development of the practice by sharing insights and best practices, ensuring we stay ahead of industry trends.

Strategic Alliances and Thought Leadership

• Build and nurture relationships with strategic partners, such as insurance providers and technology vendors, to enhance our service offerings.
• Represent EY as a thought leader by contributing to industry forums, publications, and panels, driving discussions on emerging trends in cybersecurity.
• Collaborate with internal and external stakeholders to bring fresh, innovative perspectives to traditional assessment methods.

TO QUALIFY FOR THE ROLE YOU MUST HAVE

• Experience: 5+ years of experience in internal audit, or cybersecurity risk assessment with at least 3 years doing both.
• Proven experience with NIST Cyber Security Framework, NERC CIP, or CSA N290.7 Standard;
• Education: Bachelor’s degree in cybersecurity, information technology, business administration, or a related field. Advanced degrees are a plus.
• Strong leadership and team management skills.
• Deep understanding of IA processes, particularly in the context of IT/OT cybersecurity.
• Excellent communication and client relationship management abilities.
• Proven ability to manage complex projects and deliver high-quality results.
• Strategic thinking with a focus on innovation and continuous improvement.