Risk Advisory – Cyber Infrastructure Security – Technology Sales – Senior Manager at Deloitte

Job Description
The main purpose of the job is to support the business leadership in the implementation of strategic plans. Focus on the management and delivery of client engagements, as well as sales and practice development. Develop high-performing people and teams, leading and supporting them to make an impact that matters, and setting the direction to deliver exceptional client service. 

Specialised Technical Capabilities:

Sets Strategy for and Sustains Implementation of Cyber Strategy Programmes:

• Ability to lead clients through end to-end design and delivery of targeted, holistic, and sustainable cyber security technology strategy programmes.
• Helps client adopt a long-term view of cyber risk management by advising on leading practices to align cyber risk with risk appetite, key industry issues, and strategic business priorities
• Owns end-to-end delivery of executive level cyber strategy programs across large and complex accounts
• Leverages a strong industry knowledge to advise clients on current and potential changes in regulations, cyber threats, and other key trends
• Leads stakeholders in building support and buy-in from Board of Directors to successfully enable and sustain overarching cyber risk strategies
• Builds a brand within a chosen domain and industry and is regarded internally and externally as a subject matter expert
• Stays current on market trends and regulations, and anticipates risk / opportunities; advises client accordingly

Qualifications
Minimum qualifications:

• Relevant Degree, honours or post graduate diploma, professional qualifications e.g. B.Sc, B.Com, or B.Ing/Eng or MSc

Desired qualifications:

• Advanced certifications, diplomas, professional certifications, advanced degrees in Cyber or information security - examples include:
• CISM (Certified Information Security Manager)
• CISSP (Certified Information Systems Security Professional)
• An industry leading qualification such as CREST, OSCE, OSCW, Crest, Check
• CEH (Certified Ethical Hacker)
• OSCP (Offensive Security Certified Professional
• GCIH (GIAC Certified Incident Handler)
• Certified Information Systems Security Professional (CISSP) or suitable hands-on experience is required.

Experience:

• 7 years in a client facing role; 5 of these in a management role
• 10 -12 years of progressive experience with role(s) in a professional, consulting services (including Boutique Security Firm), public and/or private sector organizations is required.
• Excellent understanding of an IP addressing and how it works (IPv4 and IPv6)
• Deep knowledge and experience with ability to perform:
• Security reviews of architecture and application designs
• Mobile, complex application, infrastructure, as well as social engineering assessments and penetration testing
• Exploit vulnerabilities to gain access, and expand access to remote systems
• Assist with building, hardening, and maintaining systems used for penetration testing
• Research cutting edge security topics and new attack vectors

Additional Information
Technical competencies:

• Expert in field with sound industry and business knowledge
• Proven experience winning business, staff development, exceptional delivery, business development, continuous improvement
• Bring deep technical (SME) and industry experience in selected Cyber sub offering (domain) to engage with clients and key stakeholders pragmatically.
• Excellent understanding of an IP address and how it works (IPv4 and IPv6)
• Deep knowledge ability to perform:
• security reviews of architecture and application designs
• mobile, complex application, infrastructure, as well as social engineering assessments and penetration testing
• Exploit vulnerabilities to gain access, and expand access to remote systems
• Assist with building, hardening, and maintaining systems used for penetration testing
• Research cutting edge security topics and new attack vectors
• Demonstrates thorough knowledge and/or proven record of success in security technologies such as firewalls, IDS/IPS, endpoint security solutions, access control systems, and other related security technologies
• In depth understanding of operating systems, network/system architecture, and IT architecture design;
• In depth understanding of infrastructure and network architecture and design, LAN/WAN implementation, and Windows/Linux environments;
• Understanding of threats, vulnerabilities, and exploits in different environments and appropriate mitigation techniques.
• Understanding of relevant Cyber/Information/Cloud security related laws and regulations

Good technical capability and technical certifications in the following areas:

• An industry leading qualification such as CREST, OSCE, OSCW, Crest, Check
• CEH (Certified Ethical Hacker)
• OSCP (Offensive Security Certified Professional
• GCIH (GIAC Certified Incident Handler)
• OEM product certifications (sales)
• Certified Information Systems Security Professional (CISSP)
• Information Systems Security Architecture Professional (CISSP-ISSAP)
• Information Systems Security Engineering Professional (CISSP-ISSEP)
• Information Systems Security Management Professional (CISSP-ISSMP)
• Ability to identify patterns, and analyse and improve processes (business analysis)
• Software development and engineering including DevSecOps: fundamentals and experience
• IT System and networks design, build and administration
• Project Management including Agile Project Management (SAFE Agile, etc.)
• Microservices, containerisation, server-less/FaaS and DevOps toolsets (CI/CD pipeline)
• Software Programming/Coding in variety of languages
• Related Technical fundamentals at that point in time and what the market is procuring

Behavioural Competencies:

• Exceptional communication skills, both written and verbal
• Able deliver multiple engagements on time and within budget
• Proven ability to make decisions and the right judgement calls in complex projects and situations
• Creates a culture of trust, ownership and accountability across teams and projects
• On the job coaching for managers and professional staff and taking accountability for multiple large engagements
• Manages large engagement / multiple engagement deadlines holistically, identifying risks and escalating
• Able to work under pressure
• Drives continuous improvement
• Custodian of the business, shaping offerings that we need to proactively take to the market