At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

Cyber Security Manager
OT/IOT Security
EY is seeking a passionate Cyber OT (Operational Technologies), Industrial Control Systems (ICS) security and / or IoT expert to join a world leading practice focused on protecting mission critical systems and national critical infrastructures. This role is a critical part of an operational service to protect some of the world’s leading organizations from Cyber threats that span more than just IT. The successful candidate will work closely with the regional cyber leadership. The candidate is expected to possess strong knowledge and skills on OT/IOT security

As a Manager in OT/IOT Cybersecurity, you will support in preparing solutions for moderately complex projects - or for elements of highly complex projects – also you will be supporting client presentations and in designing proposals and be engaged in largely on-site and some off-site delivery.

Drawing on your skills and experience, you will contribute to creating innovative insights for clients, adapt methods and practices to fit operational team and cultural needs, and contribute to thought leadership. In addition, you will support the packaging of overall project findings into clear, concise, high-quality work products.

While reporting to the EY MENA Cyber Security leadership, you will contributing as a subject matter resource for OT/IOT and Cyber Security topics applicable to EY’s Cyber Security Strategy.

As a respected senior professional, you will communicate effectively with EY’s engagement managers, directors, and partners.

Business responsibilities

• Participate in OT/IOT Cybersecurity transformational and long term strategic engagements
• Participate in OT Security operational activities
• Be able to advocate innovative cyber security offerings
• Willing to extensively travel and work from Middle East, especially in Qatar and KSA
• Understand all EY service offerings and actively identify opportunities to better serve clients
• Build strong internal relationships within EY Consulting Services and with other services across the organization.

Technical skills requirements
You will have at 8 to 10 years of experience in Information security and OT/IOT cyber security preferably within the Oil and Gas, Power and Utilities Sectors and capable of demonstrating knowledge in some of the below areas:

• Solid Knowledge of the OT and ICS security domains
• Experience in ICS/OT products and technologies, hardware and software including, but not limited to Honeywell, GE, Siemens and ABB product families and platforms
• Strong understanding of the complex and sensitive nature of ICS/SCADA environments
• Capable of Evaluating the cyber risks to SCADA, DCS, Smart Grids, DMS, and ECS systems architectures
• Solid understanding of the relevant industries production processes and operational procedures
• Solid knowledge of Industrial networking protocols security such as DNP3, Modbus, Profinet, ZigBee, IEC 104..etc.
• Cyber OT endpoint OS and Server OS knowledge
• Strong analytical and problem solving skills
• Knowledge of OT Capable SIEM, security events logging and monitoring technologies and platforms such as Nextnine, Industrial defender, Splunk, Arcsight, QRadar or others
• Experience in deploying of unidirectional firewalls, host based firewalls, Anti-Malware, IPS/ IDS / HIDS in plant and operational environments
• Awareness of Network monitoring technology platforms such as Fidelis XPS, RSA or others
• Solid understanding of applicable best practices and security standards such as NERC-CIP, ISA99 (IEC 62443), NIST 800-82, Qatar’s National ICS security standard, etc.
• Internationally recognized technical certifications in relevant areas
• Good understanding of plant Process systems, plant safety and plant integrity systems and solutions
• Strong knowledge and experience of, OT Governance planning, Implementation experience of ISO 27001 and IEC 62443 framework, OT Assessments, Policy and Procedure Development, Plant Shutdown and Turnaround Planning,
• Certified as GICSP (Global Industrial Control Systems Professional) is highly desired.

Additional requirements

• Bachelor’s degree in Electronics Technology, Computer Engineering, Electrical engineering, mechatronics or similar specialization in the electronics, PLC, wireless (radio), networking, and/or ICS technology field
• Demonstrated track record with a blue-chip consulting organization and/or a blue-chip organization is appreciated
• Relevant professional qualifications such as CISSP, ISA99 certifications, ISO 27001, CCSA, CCSE, CRISC, CCSP etc.

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.