Title: Network Security Architecture and Governance Cyber Solutions Analyst Location: Anywhere in Country Job Description: Location: Anywhere in Country At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. As an OT Defects Senior Architecture & Governance professional, you will be responsible for providing operational support for the overall issues management and associated defects creation, monitoring and tracking against the client's current referenced architecture, overseeing and governing operational technology (OT) systems to enhance security and ensure overall compliance. You support the manager and work within a team of experts to ensure that OT architectures align with organizational goals and industry standards, promoting secure and efficient operations. JOB SUMMARY: We are seeking a highly skilled and detail-oriented OT Senior Architecture & Governance Issues/Defect Solution Analyst to join our Operational Technology (OT) team. This role is pivotal in driving architectural integrity, governance compliance, and effective defect and issue resolution across OT environments. - You will collaborate with cross-functional teams to ensure that OT systems are secure, compliant, and continuously improved through structured governance and defect management processes. - In the role of OT Defects Senior Architecture & Governance, you will support the OT manager by providing defects/issues tracking and monitoring, architecture oversight and approvals for OT systems, VLANs, and controls, ensuring that all designs and implementations meet security, compliance, and operational requirements. Additionally, you will assist in overall operations, reporting focusing on processes, milestones, and deliverables. Key Responsibilities - - Review and validate OT system designs for alignment with enterprise architecture standards. - Maintain and evolve governance frameworks, SOPs, and documentation. - Support change review boards and architecture decision forums. - Defect & Issue Management - Lead defect intake, triage, and remediation cycles. - Track and report on new and existing defects, accepted risks, and remediation progress. - Facilitate weekly defect review meetings and ensure timely follow-ups with stakeholders. - Collaboration & Communication - Partner with OT architects, system owners, cybersecurity teams, and DECA to resolve issues. - Provide guidance and support to site teams on governance and defect-related matters. - Communicate clearly across technical and non-technical audiences. - Continuous Improvement - Identify gaps in current documentation and propose updates. - Contribute to the development of standard work and LEAN process improvements. - Provide architecture oversight for OT systems, ensuring alignment with organizational goals and industry standards. - Review and approve architectural designs and implementations for OT solutions, focusing on security, compliance, and operational efficiency. - Establish governance frameworks and best practices for OT architecture and design processes. - Collaborate with cross-functional teams to assess architectural designs and provide recommendations for improvements. - Facilitate decision-making processes related to OT architecture, ensuring stakeholder alignment and buy-in. - Conduct risk assessments and impact analyses for proposed changes to OT systems and architectures. - Stay current with emerging trends, technologies, and regulatory requirements in the OT space to inform governance practices. - Develop and maintain documentation related to OT architecture standards, guidelines, and governance processes. Technical Skills - Experience and knowledge on Operational Technology (OT) environments and governance - Experience with end-to-end issues management and exception/defects - Experience with defect intake, exception review, and change request workflows. - Ability to build and manage SOPs, trackers, and reporting templates - Strong familiarity, background, and/or and understanding of manufacturing, shopfloor, ICS, building management, or other OT environments - and their associated safety, quality, and production considerations - Experience with Security architecture design and assessment of technologies such as SaaS, PaaS, IaaS, AI/ML, ZTA etc. - Familiarity with cybersecurity frameworks, including NERC CIP, NIS, CIS, NIST CSF, ISO 27001, ISA/IEC 62443 - Ability to apply these frameworks to OT environments and defect resolution processes - Security controls, such as firewalls, IDS/IPS, encryption, and access management. - Risk-based Mindset, to include remediation and migration planning and tracking - ServiceNow and AuditBoard usage experience Soft Skills - Ability to analyze and resolve problems. Demonstrated ability to lead programs / projects. - Ability to assess complex OT architectures and defect patterns, identify root causes, and propose effective solutions. Ability to work closely with cross-functional teams including cybersecurity, engineering, and product owners to align on defect resolution and architecture decisions. - Precision in tracking defects, remediation and or mitigation, documenting architecture standards, and ensuring compliance reporting - Ability to lead calls with Product Owners and client stakeholders and clearly articulate review reasoning and rationale What we look for We are looking for people who strive to lead themselves, their teams, and their communities, people who can foster effective team work to drive results. We’re interested in authentic communicators with the ability to collaborate with EY colleagues across various teams who want to develop personally and professionally in a dynamic organization. What we offer you At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more. - We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $77,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. - Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. - Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.

• Complex security incidents land with you — you dig deep, perform thorough analyses, and make well‑founded decisions • As an escalation point, you bring calm to critical situations and keep communication between customers and internal teams clear and structured • In customer meetings (e.g., monthly reviews or ad‑hoc), you build trust, explain context clearly, and empower customers to use security processes independently • Together with Engineering, you further develop best practices around Microsoft Sentinel & Defender • You don’t just maintain playbooks and processes — you make them genuinely better, focusing on quality and efficiency • You actively share your knowledge with 2nd‑level analysts, lifting the whole team to the next level • False positives annoy you as much as they do us — that’s why you actively work to improve our detection quality

Role Description This is a remote position. Seeking an SOC Analyst that possesses strong expertise in Endpoint Detection and Response (EDR) tools and cyber-security incident handling. The resource will be expected to provide security monitoring and response efforts for, and in coordination with the SOC, as well as: - Strong communication, reporting, and documentation abilities. - Monitor, analyze, and respond to cyber-security events, alerts, and incidents affecting State of Iowa IT systems. - Take appropriate actions to protect IT assets from potential incidents and threats. - Document and report changes, trends, and implications related to evolving cyber-security tools, systems, and solutions. - Follow SOC processes and assist ISD Security Engineers and OCIO support teams during alerts, events, and incidents. - Submit new events and update existing events within the SOC ticketing system. - Provide phone and email support to state agencies and participating partners during alerts, events, and incidents. - Provide off‑hours or ad‑hoc shift support as required. - Proven ability to collaborate effectively with partners across varying technical backgrounds. - Capability to perform Tier 1 troubleshooting, including log collection, documentation review, and appropriate escalation. - Maintain up‑to‑date knowledge on relevant cyber-security technologies and tools. - Support Tier 1 SOC Analysts in triaging cyber-security events, alerts, and incidents. - Follow detailed operational procedures to analyze, escalate, and support remediation of critical security incidents. - Assist with SOC metrics, reporting, and communications. - Support incident response activities up to the preliminary forensics stage. - Monitor EDR tools and perform initial assessment and data gathering for alerts. Qualifications - Hands on experience working with Endpoint Detection and Response (EDR) tools - Required (3 years) - Experience responding to cyber security events and incidents - Required (3 years) - Experience working with Crowdstrike, or comparable EDR tool - Required (3 years) - Ability to work in high pressure, fast paced environments - Required (3 years) Benefits - Paid Sick Time - Insurance for Medical, Dental, Vision and Life Available - 401(k) including Employer Match - HSA, Short-term & Long-term Disability Available Company Description We are an EEO/Veterans/Disabled employer.

• Analyze design, develop, implement, and support code for government customer, the United States Postal Service • Lead security assessments for USPS applications and domains, including cloud systems • Collaborate with cross-functional teams, business units, and IT stakeholders to guide them through the USPS Assessment & Authorization (A&A) process • Develop actionable security blueprints, security models, and recommendations that strengthen enterprise security posture • Utilize GRC tools, vulnerability scanning technologies, and security architecture best practices to evaluate risks, document findings, and support authorization decisions