Risk Advisory – Cyber Identity Security – Assistant Manager
- Magwa Cres, Waterval City, Midrand, 2090, South Africa
Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax and related services. Our global network of member firms and related entities in more than 150 countries and territories (collectively, the “Deloitte organisation”) serves four out of five Fortune Global 500® companies. Learn how Deloitte’s approximately 312,000 people make an impact that matters at www.deloitte.com.
About the Division
The value that Deloitte Risk Advisory Africa creates for organisations is synonymous with operational excellence. Our five business areas work in unison to provide integrated solutions unique to the organisational requirements of any business.
In a world that is constantly changing, organisations need to adapt quickly to respond to new risks and take advantage of new opportunities. Deloitte's Risk Advisory practice advises organisations on how to effectively mitigate risk and make informed and intelligent risk decisions around business processes, technology and operations.
Click here to read more about our Risk Advisory practice.
What impact will you make?
Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration and high performance. As the undisputed leader in professional services, Deloitte is where you’ll find unrivalled opportunities to succeed and realise your full potential.
The main purpose of the job is to support the engagement Manager/Senior Manager in the delivery of services on delegated client engagement/ projects.
Focus on the delivery of client engagements and shares knowledge and experience with others
Able to produce high quality deliverables and support junior team members.
Specialised Technical Capabilities:
Supports the Development and Implementation on of Cyber Risk Solutions:
· Ability to develop and execute strategies, architectures, and roadmaps to provide client with need-based, value-adding, and cost-effective Cyber risk solutions
o Ability to analyse the client’s cyber security infrastructures to enable targeted and data-driven enhancements
o Keeps in mind the client’s business needs when developing assessment frameworks to ensure effective, targeted, and actionable analyses
o Applies multiple security testing methodologies and techniques to assess client’s security infrastructures and identify / evaluate vulnerabilities
o Gathers data and determines priority criteria to build an integrated roadmap that addresses all facets of an Cyber Assessment or implementation
o Assesses cyber security policies and procedures to analyse compliance with regulatory requirements and evaluate overall operational efficiency; provides clients with mitigating solutions
o Is proficient with multiple domain-specific cyber security technology solutions and is able to effectively integrate them to meet and exceed client’s needs
o Enables sustainability and continuous improvement of cyber security solutions by assessing and enhancing client’s cyber security governance infrastructures
o Understands and applies cyber threat intelligence and profiling to the design and assessment of client systems
o Tests the effectiveness of client’s cyber security technologies to identify and articulate opportunities for improvement across the digital, physical, and social elements of the client
o Conducts complex business process assessments to help clients identify, analyse, and prioritize gaps and risks; applies findings to make recommended upgrades aligned to the overall strategy
o Develops effective and sustainable technology and Cyber risk management strategies by tailoring leading Cyber frameworks on key clients’ business and technology needs
o Understands the interaction of business and technology processes / risks and can explain it in business terms to both technical and non-technical audiences
· Understands technical complexity at Network, Application, Database, Infrastructure and Cloud level.
· Experience in the design, implementation, transformation and resilience of identity and access management solutions.
· Experience and exposure to identity and access management solutions
· Exposure to product solutions such as SailPoint, Savyint, CyberArk.
· Exposure to resolution of issues with password management
· Experience with remediation of orphan accounts and reconciliation, identity data consistency and synchronization monitoring: reconciliation, adoption
· Experience with IAM system health and maintenance requirements
· Experience with IAM support major incident management process and attend production call bridge for major incidents.
· Experience with IAM product stabilization and enhancement
· Experience with organizational change management with regard to identity and access management governance and adoption.
· Solid understanding of compliance regulation POPIA and/or GDPR
· Experience with Role Based Access Control
· Experience and exposure to the following: Privileged Access Management (PAM), Privileged Identity Management (PIM), Privileged User Management (PUM)
· Experience with major Cloud SP’s (Azure, AWS, Google) and Cloud integration
· Access Identity Direct experience (MS AD, LDAP)
· Experience with Role Based Access Governance
· Experience with the following protocols: SAML (and similar), OpenID, OAUTH, FIDO, etc.
· Experience with Cloud-based identity management solutions
· Experience with ISO 27001 and/or other industry accepted security standards
· Excellent communication skills, both written and verbal
· Consistently delivers high quality work.
· Ability to meet deadlines (reliable and dependable)
· Able to multi-task
· Proven initiatives in providing guidance to junior members of the project team
· Demonstrates readiness to take decisions
· Displays initiatives and takes accountability for delivery of work
· Assumes manager responsibility on delivery of assignments where required under pressurised circumstances
· Able to work under pressure
· Ability to prioritize competing responsibilities as per their urgency and importance, ability to multi-task on various client engagements
Relevant Degree, Honours or post graduate diploma, professional qualifications e.g. BSc, BCom, or B.Ing/Eng or MSc
Advanced certifications, diplomas, professional certifications, advanced degrees in Cyber or information security - examples include:
· CISM (Certified Information Security Manager)
· CISA (Certified Information Systems Auditor)
· CISSP (Certified Information Systems Security Professional)
· SailPoint, Savyint, CyberArk or similar product certifications
· or suitable hands-on experience is required.
5+ years of progressive experience with role(s) in a professional, consulting services (including Boutique Security Firm), public and/or private sector organizations is required.
Working experience in Identity and Access Management
Demonstrate strong understanding and experience in delivery of Cyber engagements across key industries
How you’ll grow
At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help build world-class skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Centre. https://deloitte.zoomforth.com/du
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. https://www2.deloitte.com/global/en/pages/careers/articles/benefits.html
Deloitte is led by a purpose: to make an impact that matters. Every day, Deloitte people are making a real impact in the places they live and work. We pride ourselves on doing not only what is good for clients, but also what is good for our people and the communities in which we live and work—always striving to be an organization that is held up as a role model of quality, integrity, and positive change. Learn more about Deloitte’s impact on the world. https://www2.deloitte.com/global/en/pages/about-deloitte/articles/impact-that-matters.html
*Please note that this job advertisement provides a summary of the capabilities required and all candidates shortlisted will receive a full list of capabilities.