Assistant Manager - Risk Consulting Ernst & Young AE

The opportunity

At EY, we are investing significantly in improving our Digital Risk practice across MENA. As clients navigate AI, OT transformation, and digital convergence, the need for strong, forward-looking risk capabilities has never been higher.

We are expanding our Digital Operational Risk services in the region and looking for an Assistant Manager OT Risk to join our Risk Consulting team in Riyadh. While the role is based in Saudi Arabia, you ll be expected to travel across the GCC and wider MENA region, with occasional international engagements (up to 50 80%).

Your key responsibilities

The majority of your time will be spent delivering Digital Risk engagements. You ll participate in client delivery with support from senior team members, and contribute to proposals, presentations, and go-to-market initiatives.

You will be responsible for:

• Supporting and executing OT risk assessments, control design, and gap analysis
• Delivering maturity assessments and developing OT risk remediation strategies
• Evaluating digital risks to SCADA, DCS, Smart Grids, DMS, and ECS system architecture
• Helping clients define and implement OT risk governance frameworks aligned with ISA/IEC 62443, NIST 800-82, and industry best practices.
• Identifying and mitigating risks linked to convergence between IT, OT, and IoT systems.
• Supporting clients in designing OT risk dashboards, metrics, and reporting for governance committees
• Ensuring high-quality and timely delivery across your assigned workstreams.

To qualify for the role, you must have.

• 5+ years of experience in OT/ICS environments and/or industrial digital risk, preferably within Oil & Gas, Power, Utilities, or Transportation
• Solid understanding of OT/ICS security, controls, and architecture
• Knowledge of products and technologies from Honeywell, GE, Siemens, ABB, Schneider, etc.
• Familiarity with ICS protocols and plant environments (SCADA, DCS, PLC, RTU, HMI)
• Understanding of OT-related risk domains: safety, process integrity, downtime risk, regulatory exposure
• Experience in evaluating and implementing OT controls (e.g., segmentation, firewalls, remote access protection)
• Exposure to OT/IIoT risk regulations and frameworks: ISA/IEC 62443, NIST 800-82, ISO 27019, NERC-CIP
• Awareness of digital risk issues related to operational disruptions, third-party risks, and legacy system exposure.
• Technical certifications (GICSP, ISA99/IEC 62443, ISO 27001, or equivalent)
• Arabic and English fluency (written and spoken)

Skills and attributes for success

• A passion for OT environments, digital risk, and resilience
• Solid technical foundation in ICS/OT technologies and communication protocols
• Ability to simplify complex concepts and communicate risk in business language.
• Positive energy, high accountability, and a collaborative mindset
• Strong writing, documentation, and presentation skills
• Consulting experience or client-facing delivery is preferred.

Qualifications

• Bachelor s degree in Electronics Engineering, Electrical, Mechatronics, Industrial Automation, or related field
• Willingness to pursue or hold professional certifications:
• ISA/IEC 62443
• GICSP
• ISO 27001
• CISSP, CISM, CRISC (optional but valuable)

What we look for

We re looking for professionals who want to build a career in Digital Risk who understand the business-critical nature of OT environments and want to make a real impact by helping clients manage their most operationally sensitive risks.

You should be confident engaging both engineers and executives, and passionate about helping clients embed risk-aware decision-making in their operations.