Risk Advisory - Cyber Security - Manager

  • 27 Somerset Rd, Green Point, Cape Town, 8051, South Africa
  • Full-time

Company Description

About Deloitte

Deloitte is the largest private professional services network in the world. Every day, approximately 220,000 professionals in more than 150 countries demonstrate their commitment to a single vision: to be the standard of excellence, while working towards one purpose – to make an impact that matters.

In South Africa, Deloitte is one of the leading professional services organisations, specialising in providing Audit, Tax, Consulting, Risk Advisory and Corporate Finance services. We serve clients in a variety of industries from financial services, to consumer business, energy, mining and manufacturing, tourism and the public sector, and we provide powerful business solutions to some of the world's most well-known and respected companies, including more than 80 percent of the Fortune 100.

Our professionals are unified by a collaborative culture that fosters integrity, outstanding value to markets and clients, commitment to each other, and strength from cultural diversity. They are dedicated to strengthening corporate responsibility, building public trust, and making a positive impact in their communities. We understand that our professionals hold interests outside of the workspace and we aim to encourage work/life balance, supporting them in all aspects of their lives.

Our talented professionals and our clients understand the link between a strong learning and development programme and the ability for Deloitte to deliver on its promise of consistent, high-quality service delivery worldwide.

Whatever your age, gender or culture, take your career to the next level with the talents and capabilities you will develop at Deloitte.

About the Division

The value that Deloitte Risk Advisory Africa creates for organisations is synonymous with operational excellence. Our five business areas work in unison to provide integrated solutions unique to the organisational requirements of any business. 

Our 5 areas are as follows:

* Governance Regulatory & Risk – GRR services help organisations protect and enhance value by managing risks and opportunities, addressing compliance and supporting management and board oversight, including internal audit, through out-of-the-box solutions with the view to turning risks into value-creating opportunities.

* Data Analytics – By understanding decision-makers’ roles to maximise analytics value, Deloitte turns everyday information into useful and actionable insights.

* Forensic – Deloitte Forensic professionals are a diverse group with a wide and varied range of proficiencies, comprising forensic accountants, legal and law enforcement specialists, and business intelligence experts, all utilising state-of-the-art forensic technology.

* Cyber & Technology Risk – CTR assists organisations in building value, by taking a Risk-Intelligent approach to managing financial, technology and business risks.  We leverage our global network and in-depth industry knowledge, to assist organisations in mitigating the risks associated with internal systems, business processes, projects, applications, data and third-party reliance.

Cyber Risk Services provides industry-tailored solutions, using demonstrated methodologies and tools in a consistent manner, with the goal of enabling on-going, secure, and reliable operations across the enterprise.

Our professionals need to have the acumen to handle complex situations and multiple responsibilities simultaneously, balancing long-term projects with the urgency of immediate operational demands. We are committed to establishing and empowering the firm by establishing an environment of continuous learning and enriching career opportunities.

Job Description

Main Purpose of Job

Supports Senior Manager in delivery of services to / at client premises on delegated engagement / project.  Focus on the management and delivery of client engagements, as well as sales and practice development. Develop high-performing people and teams, leading and supporting them to make an impact that matters, and setting the direction to deliver exceptional client service.

Technical Competencies

Expert in field with sound industry and business knowledge

  • Demonstrated leadership skills
  • Sales skills
  • Proven ability to manage and execute projects
  • Experience in drafting and presenting client proposals
  • Excellent report writing skills
  • Good financial knowledge
  • Sound business acumen
  • Display an awareness of Security architecture
  • Strong knowledge of Third Party management
  • Technical skills such as Java, JavaScript, UNIX / Windows administration and scripting are preferred
  • An understanding of at least one of the leading IAM products (Sail point, Cyber Ark, ForgeRock or others)
  • Well acquainted with LDAP, PKI, SSL, JNDI
  • Demonstrate an understanding of information security principles and best practise (e.g., ISO27001 and ISF Standards of Good Practice for Information Security
  • Describe common IAM technologies (SAML, OAuth, Open ID)
  • Perform application integration with the IAM solution
  • Demonstrate experience in implementing IAM SDLC engagements projects, including requirements gathering, analysis, design, development, testing, deployment, and application support
  • Competent in the following product suites:  
  • CA R12 Identity Management   
  • Sun Identity Management   
  • IBM Tivoli Identity Management
  • Oracle Identity Management
  • Apply solutions and products in the following IT security areas: 
  • Data
  • Data Loss Prevention     
  • Classification Solutions  
  • Endpoint and network security
  • Data encryption including endpoint, email and databases
  • Cryptography, PKI and centralized key management
  • Oracle database, networking, messaging, web proxy technologies
  • Good working knowledge of networks and network architecture and integrations
  • Understanding of information security principles and best practice (e.g., ISO27001 and ISF Standards of Good Practice for Information Security)  
  • Perform SIEM solutions like HP Arc Sight, IBM QRadar, Splunk, Log Rhythm, RSA envision, etc. Able to size, design, configure, implement and assess platforms

 Specialised Competencies

Plans and Manages Cyber Security Solutions:

  • Ability to guide teams through the design and implementation of cyber security solutions that reduce vulnerability, strengthen controls and optimize organizational efficiency
  • Helps client define a holistic future state cyber security posture to address gaps with relevant standards and frameworks (e.g. NIST 8000-53, ISO27001, SANS Critical Security Controls)
  • Keeps in mind relevant frameworks, industry standards and the overall client’s business strategy when planning cyber security assessments
  • Designs cyber security solutions (e.g., vulnerability management, identity and access management, application protection) that strengthen controls on key assets, enable compliance, while increasing operational efficiency and reducing costs
  • Leads complex technical assessments of client’s security infrastructures to identify / evaluate vulnerabilities, including considering the digital, physical, and social elements of the client, and reflecting relevant cyber threats to the client’s industry and profile
  • Develops data-enabled roadmaps and defines criteria for prioritizing solutions to drive business value
  • Designs systems and mechanisms that enable continuous learning and improvement, while increasing efficiency, accountability, and governance capabilities
  • Specializes in and builds an internal expert brand within multiple domains, while maintaining a minimum level of expertise across many areas

 Behavioural Competencies

  • Excellent communication skills, both written and verbal
  • Effective interpersonal and relationship building skills
  • Good mentorship and coaching ability with desire to develop self and others
  • Strong client delivery focus
  • Adaptable, managing change and ambiguity with ease
  • Focus on quality and risk
  • Sound problem solving ability

 

Key Performance Areas

Strategic Impact:

  • Support the Senior Manager on delivery of designated engagement / project, managing the implementation of the agreed deliverables;
  • Track outputs against Service Level Agreement and report to Senior Manager on any unforeseen issues arising
  • Seek to identify additional sales opportunities in client business
  • Assist in the preparation of proposals/tenders and presentations on request
  • Is a support resource in planning of sales presentations and client negotiation teams for new and retained business
  • Develop market network in business and build relationships that generate leads
  • Build relationships across Deloitte  service lines to understand broader offerings and seek opportunities for cross-selling
  • Generate innovative solutions on projects / engagements in collaboration with team members to enhance / renew service offerings to client

 Budgets/Profitability:

  • Manage engagement budget through accurate budgeting,  cost control and profitability management
  • Monitor that time and expenses on engagement are accurately recorded and submitted weekly
  • Manage WIP on engagement and ensure billings are timeously done and collections followed up

 Risk Strategy 

  • Ability to leverage a keen understanding of the client’s strategy to influence and advise client’s senior leadership on key risk decisions
  • Demonstrates, through deliverables and discussions, an understanding of a C-suite perspective on risk-taking and risk-avoidance, and related cost-benefit trade-offs
  • Articulates how a client’s strategy enables the allocation of capital and other resources based on strategically selected risk-reward trade-offs in light of business objectives and risk mitigation and management capabilities
  • Defines scope and prioritizes types of risk assessment (e.g., strategic, operational, financial, project and compliance) to be performed and risk events to be monitored
  • Helps client leadership understand risk appetite and tolerance for all risk areas, and defines appropriate Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) to strategically guide the analysis

 Risk Assessment and Mitigation:

  • Ability to ensure an effective risk assessment compilation and mitigation plan execution in alignment with the enterprise risk framework, risk culture, and overall business strategy
  • Prepares project plan to meet objectives within established budget and timeline and recognizes when plans should be adjusted to meet objectives
  • Develops budget, scope and staffing recommendations based on understanding of client budget and project economics
  • Communicates business objectives and desired outcomes to guide the work of others
  • Fosters a team environment that builds accountability for and commitment to meeting engagement objectives
  • Ensures that team’s work meets quality assurance standards and that all relevant risks have been identified and appropriately addressed
  • Prioritizes tasks of the team based on relative importance, delegating to the right resource, based on role, experience, and skill level
  • Recognizes potential independence or related issues and takes appropriate action, including consultation with subject matter experts as necessary

 Delivery Excellence:

  • Ability to lead projects and provide strategic direction across the account to deliver a superior client experience
  • Prepares project plan to meet objectives within established budget and timeline and recognizes when plans should be adjusted to meet objectives
  • Develops budget, scope and staffing recommendations based on understanding of client budget and project economics
  • Communicates business objectives and desired outcomes to guide the work of others
  • Fosters a team environment that builds accountability for and commitment to meeting engagement objectives
  • Ensures that team’s work meets quality assurance standards and that all relevant risks have been identified and appropriately addressed
  • Prioritizes tasks of the team based on relative importance, delegating to the right resource, based on role, experience, and skill level
  • Recognizes potential independence or related issues and takes appropriate action, including consultation with subject matter experts as necessary

 

Qualifications

Qualifications & Experience Required

  • Postgraduate qualification (relevant to Service Area / Business Management, etc.)
  • Bachelor / Honours Degree (Information Technology, Computer Science, Engineering)
  • Qualifications such as CISSP, CCNA and CCNP
  • A certification in security domain, such as CISA, CRISC
  • Technical certifications e.g. MCSE, MCITP, MCTS, CCNP, CCNA, CCiE
  • Certifications from leading vendors: e.g. Symantec, Sophos, and Microsoft
  • Data Protection related professional certification such as CIPP/CIPP/M, CIPP/T

 

Preferred

  • 5 years working experience
  • 3 years in a client-facing role
  • Experience of the Identity Management industry
  • Minimum of 5-10 yrs. plus years’ experience in information security/information risk management or engineering
  • 2 to 6 years of experience in IT, either in security, telecommunications or infrastructure;
  • Professional experience in a SOC context ( in an operational implementation role)

Additional Information

Additional Key Performance Areas:

Delivery Excellence:

  • Ability to lead projects and provide strategic direction across the account to deliver a superior client experience
  • Prepares project plan to meet objectives within established budget and timeline and recognizes when plans should be adjusted to meet objectives
  • Develops budget, scope and staffing recommendations based on understanding of client budget and project economics
  • Communicates business objectives and desired outcomes to guide the work of others
  • Fosters a team environment that builds accountability for and commitment to meeting engagement objectives
  • Ensures that team’s work meets quality assurance standards and that all relevant risks have been identified and appropriately addressed
  • Prioritizes tasks of the team based on relative importance, delegating to the right resource, based on role, experience, and skill level
  • Recognizes potential independence or related issues and takes appropriate action, including consultation with subject matter experts as necessary

Reporting and Presentations:

  • Ability to ensure reports and presentation are strategically aligned with the client’s goals and drive business success
  • Provides a vision for deliverables; validates team’s analysis and recommendations in context of broader project
  • Challenges team members to identify impactful insights to develop recommendations that most effectively support a client’s business objectives
  • Ensures accuracy and validity of client’s reports by critically analyzing hypothesis, conclusions, and recommendations
  • Maintains expert knowledge in the use of data, service line innovation, benchmarks, and business metrics to make critical decisions

Knows the Business and the Industry:

  • Ability to advise the client to make decisions that positively impact return on investment; provides subject matter expertise on industry trends, innovation efforts, and leading practices
  • Participates in business and / or industry groups to build knowledge of economic, industry, and market conditions
  • Identifies relevant trends, practices, and market conditions that merit discussion with the client
  • Discusses business trends and industry practices with confidence
  • Builds personal brand and supports eminence building in chosen industry

 Executive Presence:

  • Ability to project confidence, establish credibility with, and influence clients at all levels
  • Tells a story and advocates for a position with clarity and conviction
  • Understands the larger ecosystem within which the client operates; uses to facilitate discussions about potential solutions to the client’s most pressing business problems
  • Establishes and maintains relationships with clients beyond immediate project needs and uses to gain beneficial insights and drive impact; has a ‘seat at the table’
  • Masters executive level written and oral communications; creates logically-structured, executive-facing deliverables
  • Maintains a calm, professional demeanor when challenges arise
Privacy Policy