2 Claroty Jobs

EY- Cyber Security (OT Security) Technology Consulting Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills and attributes for success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What we look for A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What working at EY offers At EY, were dedicated to helping our clients, from startups to Fortune 500 companies and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way thats right for you

Job Title: OT Cyber Security Professional / Expert Experience- Sr. Project Engineer (Professional) - 4-9 years. (Open Positions 3 to 4) Project Lead (Expert) - 8-14 years. (Open Positions 1 to 2) Location: Navi Mumbai (This is not a Hybrid or WFH opportunity) Notice period- Immediate to 60 days Willingness to travel onsite 40% of the time - Mandatory Job Description: We are seeking a highly skilled OT (Operational Technology) Cybersecurity Professional/Expert to design, implement, and manage cybersecurity solutions for our clients industrial environments. Candidate should be able to play a pivotal role in delivering secure and reliable OT architectures, ensuring compliance with cybersecurity standards, and protecting industrial control systems such as SCADA, HMI, PLC, RTUs, DCS, IoT Devices, MES applications, Managed Switches etc against evolving threats. The ideal candidate will possess a deep understanding of Industrial Automation protocols, risk assessment, and system integration to deliver cutting-edge cybersecurity solutions tailored to diverse industrial sectors. Key Responsibilities: 1. Design and Deployment : Architect and implement advanced security solutions tailored to OT environments, such as network segmentation, firewall configurations, and secure remote access gateways. 2. Threat Detection and Response : Configure OT-specific intrusion detection systems (IDS), intrusion prevention systems (IPS), and anomaly detection tools of products from companies like Nozomi Networks or Claroty. 3. Protocol Analysis : Analyze and secure industrial network protocols (e.g., Modbus, OPC-UA, DNP3, Ethernet/IP, Profibus, Profinet and other fieldbus protocols) against vulnerabilities and unauthorized activity. 4. Security Hardening : Implement device hardening practices on PLCs, RTUs, and HMIs, legacy products, including secure firmware updates, role-based access control, and default credential elimination. 5. Incident Management : Establish incident response plans for OT environments, including preparation, detection, containment, eradication, recovery, and post-incident review. 6. Vulnerability Management : Conduct regular vulnerability scanning and patch management for OT systems, ensuring minimal downtime while adhering to operational requirements. 7. Secure Integration : Lead the secure integration of IT-OT environments, ensuring compatibility while minimizing cybersecurity risks, such as lateral movement threats. 8. Continuous Monitoring : Configure and maintain Security Information and Event Management (SIEM) systems specifically for OT environments to identify and respond to threats in real time. 9. Compliance Audits : Perform in-depth compliance audits for standards like IEC 62443, NIST 800-82, and other relevant frameworks, ensuring regulatory alignment. 10. Red Teaming and Penetration Testing : Simulate cyberattacks to test the resilience of OT systems, document findings, and implement necessary remediation measures. 11. Supply Chain Security : Assess and mitigate cybersecurity risks introduced by third- party vendors or contractors in OT environments. 12. Encryption and Data Security : Implement encryption techniques for secure data transfer across OT networks and ensure compliance with data privacy regulations. Maintain thorough documentation of systems, configurations, and project progress. ualifications: 1. Bachelors or master’s degree in ECTC, computer science, Cybersecurity, or a related field. Minimum 4 years of experience in OT cybersecurity or industrial control systems security. 2. Hands-on experience with SCADA systems, PLCs, DCS, and industrial network protocols (e.g., Modbus, OPC, BACnet, Profibus). 3. Knowledge of cybersecurity frameworks like IEC 62443, NIST 800-82, and ISO 27001. 4. Proficiency in Claroty’s tools and software like CTD, SRA etc. 5. Strong understanding of network segmentation, firewall policies, and secure remote access solutions. 6. Certifications or strong practical know how on (multiple if not all) – a. ISA/IEC 62443 Cybersecurity Certificates b. Certified SCADA Security Architect (CSSA) c. Certified Information Systems Security Professional (CISSP) d. CompTIA Security+ e. Offensive Security Certified Professional (OSCP) f. Certified Information Systems Auditor / Manager (CISA) / (CISM) 7. Excellent problem-solving and analytical skills. Familiarity with safety instrument systems (SIS) and knowledge of industry standards such as IEC 61511. 8. Excellent problem-solving skills and attention to detail. 9. Strong communication and interpersonal skills. 10. Ability to work independently and as part of a team. 11. Willingness to travel to client sites as required. Preferred Additional Skills: - Experience in integrating OT systems with IT environments securely. - Familiarity with cloud and IoT security in industrial settings. - IT Network Certifications. What We Offer: - Best in class salary and benefits package. - International exposure C Onsite. - Opportunities for professional growth and development. - A collaborative and innovative work environment. - The chance to work on cutting-edge industrial automation projects.