
TC-CS-Cyber Detection and Response...
Experience Level: Senior Level
Full Job Description
EY is seeking a Senior Consultant with expertise in Operational Technology (OT) and Internet of Things (IoT) security solutions to join our Cyber Detection and Response team in Bengaluru, India. This role is crucial for our growing service offering in OT/IoT security.
As a Subject Matter Expert (SME) for OT/IoT security, you will be a key member of the Security Operation Centre (SOC), specifically focusing on OT cybersecurity. You will provide operational support for globally deployed OT network monitoring solutions like Nozomi, Claroty, Armis, DarkTrace, and Azure Defender. Your responsibilities will include assessing the security of OT and IoT systems, acting as the primary technical analyst for the OT Network Monitoring service, and analyzing OT & IoT network traffic patterns in collaboration with various organizational teams.
This role involves leading and implementing improvements in cybersecurity threat monitoring, attack response, incident response planning, and validation of physical security, IoT, and SCADA environments. You will coordinate with the Cyber Security team and other structures to respond to CSIRT and emergency preparedness procedures. Additionally, you will assist in developing and improving the security incident response framework, conduct Cyber Incident Response exercises, and confirm security control configurations based on incidents and threat intelligence.
Key responsibilities include participating in OT security incident response across all phases, hunting for Indicators of Compromise (IOCs), and analyzing Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs). You will establish strong working relationships with manufacturing sites to drive recommendations for improved cybersecurity posture.
The ideal candidate will possess knowledge of relevant OT Cyber Frameworks (e.g., NIST 800-82, ISA 62443), experience in control systems (ICS, SCADA, DCS), and expertise in OT/IoT security design, deployment, and hardening. You should be adept at providing concise summaries of complex OT situations and have in-depth knowledge of responding to OT security incidents. A strong understanding of Protective Monitoring, Vulnerability Monitoring, Threat Intelligence, and Threat Hunting within OT data is essential. You will also need knowledge of various security technologies and processes, including Industrial IDS and Industrial Firewalls, and an understanding of OT components (HMI, PLC) and communication protocols (TCP/IP, DNP3, Modbus, IEC 61850, OPC UA, PROFINET, BLE, Zigbee). Experience supporting and troubleshooting industrial protocols and working with a wide range of cyber security toolsets (SIEM, EDR/MDR, vulnerability management, firewalls, IDS/IPS) is required. Exposure to OT/IoT monitoring solutions like Claroty, Nozomi Networks, Armis, and Azure Defender is highly desirable.
To qualify, you should have a B.Tech./B.E./M.Tech./M.E. degree with sound technical skills, strong verbal and written English communication, critical thinking abilities, and strong interpersonal and presentation skills. A minimum of 8 years of overall cybersecurity experience is required, with at least 4 years of hands-on experience operating/implementing OT/IoT Security solutions. Relevant certifications (e.g., Security+, CISSP, GCIA, GCIH, GICSP) are preferred.
Ideally, you will also have people/project management skills.
Working at EY offers opportunities for personal and professional development, including support, coaching, and feedback, chances to develop new skills, and the flexibility to manage your role. We offer challenging and stimulating assignments in an interdisciplinary environment that values high quality and knowledge exchange.
Company
EY
EY is a global leader in professional services, offering a diverse range of services including assurance, consulting, law, strategy, tax, and transactions. We are dedicated to building a better workin...