About Africa Talent

Africa Talent by Deloitte (Africa Talent) is a separate legal entity based in South Africa and was formed between Deloitte Africa and Deloitte Netherlands in order to meet the growing demand for Talent in Africa and Europe; and to establish a competency centre that can compete with other delivery centres in India and beyond. While incorporated in South Africa, the goal is to recruit and develop Talent throughout Sub Saharan Africa in order to service the diverse needs to enable projects at our clients. Talent employed, will have the full experience of Deloitte, while getting both local and international exposure to a diverse set of clients, working remotely from Africa.  It will take advantage of the demographic reality of Africa as a future source of talent for both Africa and Europe and at its core is the goal to create employment in Africa and invest in African talent.

The ethos of our organisation is characterised by vision, purpose beyond profit and an appetite to innovate and deliver creative, high impact solutions to urgent client challenges.

Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration, and high performance. As the undisputed leader in professional services, Deloitte – Africa Talent - is where you will find unrivalled opportunities to succeed and realize your full potential.

This new team is a true encapsulation of hybrid work whereby you gain access and exposure to learn from and engage with colleagues in South Africa and the Netherlands, while working virtually from your local Deloitte office, or from home.

What impact will you make?

Organizations want to change or strengthen their direction through Mergers and Acquisitions, while Information Risk Management and data protection regulations are growing. How to manage risks in line with the business risk appetite and ensuring a smooth integration after the deal is done?

While the dynamic M&A area is expected to grow in the coming years, the same applies for the risk exposure related to it, especially due to the recent digitalization boom.

You are eager to help clients uncovering information risks as early as possible before the deal, identifying potential red flags, but also potential synergies. IRM M&A is about working at the intersection of (new) business and technology to support our clients in conducting M&A in a responsible way.

We understand our clients’ business needs and have deep knowledge and experience in managing relevant risks (Strategic, Controls, Cyber, Privacy, Regulatory etc.) and to support them during the M&A cycle.

How you will make an impact

• Perform Due Diligences on M&A related to information risks
• Interact with various stakeholders at the client i.e. IT managers, Legal, IRM managers, IT analysts, to identify risks and communicate these
• Interface with IT, business, senior level executives and third parties of client
• Propose mitigation actions
• Actively participate in client’s teams and community meetings
• Ensure our clients continue to focus on risks significant to the business, with emphasis on innovation
• Supervising and coaching less experienced professionals in the team
• Support with business development activities as the IRM Due Diligence capability is currently being developed

You are analytical and content wise very strong, but you can also explain your insights to clients in an understandable way. Moreover, you like to work with many different stakeholders and get energized coaching and guiding less experienced colleagues in an inspiring way. For this vacancy you also have:

Minimum Qualifications

• A completed a University degree in the area of business administration, such as Business Information Management, Business Economics, Business Administration, Information systems
• A qualification in CISA, CISSP, CRISC or CISM

Experience & Skills

• At least 4 years work experience in the field of IT audit, IT controls or Information Risk Management
• Strong all-round knowledge of IT security, Cyber and IT controls
• Knowledge of COSO, ERM, three lines of defense, governance and data protection regulation e.g. GDPR
• Mergers, acquisitions and divestment experience (preferably with Information risk or Due Diligence)
• Strong communication and stakeholder management skills – professionals will engage with variety of stakeholders (from senior business leaders to technical experts)
• Preferably technical knowledge & relevant experience in security domains/ technologies related to:  Infrastructure/ Network security; Identity and Access Management; Business Impact Assessment; Application security; Data Leakage Prevention; End Point Protection; Web filtering technologies; Proxies and firewalls; Vulnerability Assessment / Penetration Testing
• Understanding of business model design, business value generation and can translate this into IT risks
• Excellent command of English language, spoken and written

If you like the challenge of this function description and meet the following profile criteria, we would like to meet you!

* Please note that this job advertisement provides a summary of the capabilities required and all candidates shortlisted will receive a full list of capabilities.