Senior Cyber Security Consultant (IT/OT Security)

at  EY

THE OPPORTUNITY

The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Cyber security engagements (IT and OT engagements), development of proposals in this area, and develop Cyber Security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support.

TO QUALIFY, CANDIDATES MUST HAVE:

• Strong knowledge of cyber / information security concepts, Risk and controls concepts.
• Strong knowledge of both Microsoft and Linux operating systems to a good extend.
• Strong knowledge of IT infrastructure and Networking, including Firewalls and IDS/IPS.
• Strong knowledge of TCP/IP, concepts of OSI layer and protocols, networking, and security concepts.
• Strong understanding of security-related operational processes in IT environments.
• Knowledge of cyber threats and vulnerabilities related with IT infrastructure (OS, Network, OT-specific equipment is a definite plus).
• Security Assessments: Proven experience conduction Information Security assessments.

RECOMMENDED SKILLS:

• Prior experience working alongside delivery leads and architects to Identify and manage risks.
• Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, NIST standards on Cyber Security, HITRUST, etc. is a plus.
• Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks.
• Knowledge of the technical security solutions utilized within IT and OT systems and networks.
• Knowledge on tools like Nessus, Qualys, NMAP etc. is a definite plus.
• Basic knowledge on Firewall and switch configuration.
• Knowledge on new technologies such as the Internet of Things (IoT), Operational Technology Threats is a definite plus.
• Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP is a definite plus.
• Threat Identification and monitoring tools used along with SIEM solutions such as Nozomi Networks, Claroty, Microsoft Sentinel
• Exposure/hands-on to IT/OT monitoring solutions (Claroty, Nozomi Networks, Armis, Azure IoT Defender etc).

TO QUALIFY FOR THE ROLE, YOU MUST HAVE:

• 3+ years of experience in the Cyber Security or OT Security Domain
• Certifications – CCNA, CISSP, CISA, CISM, GICSP or equivalent (technology-based)

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for yo