Risk Advisory – Cyber Risk Senior Manager - with Data Privacy and Data Management experience at Deloitte

Job Description
Main Purpose of Job

• In a rapidly changing world where information has a significant value, supply chains are increasingly interconnected. In a world of uncertainty when doing business on a global basis, the resilience of operations has become a board level issue.
• We are looking for a Cyber Security Senior Manager, with Data Privacy and data management expertise to support the business leadership in the implementation of strategic plan and the effective management of team/s. your role will include; building high performing teams to deliver in client engagements, translate broader business strategy into a compelling team vision and goals and applying deep knowledge of disruptive trends and competitor activity to drive continuous improvement. 
• You will provide our clients with a full spectrum of services encompassing business and technology resilience, focusing on development and implementation of cyber risk, data protection and privacy projects.

 Technical Competencies

•        Strong experience working with security intelligence, data analytics, security incident response, and forensic investigation teams
•        Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques:
•       Familiarity with threat modelling, development of attack plans;
•       Familiarity with foundational information security frameworks such as ISO27001, NIST etc;
•       Familiarity with how Managed Security Services, Security Operations and SIEM technologies can work within the Incident Response lifecycle;
•        Willingness to operate as part of an ‘on-call roster’, travelling to assist our clients when required;
•        Bring deep SME and industry experience in selected Cyber sub offering (domain) to engage with clients and key stakeholders pragmatically.
•        Understands technical complexity at Network, Application, Database, Infrastructure and Cloud level.
•        Understand and interpret complex resilience related business challenges and ability to respond by conceiving innovative solutions for clients.

       Strong on design and delivery of end-to-end resilience including Business Continuity, Disaster Recovery or Crisis Management or incident response solutions which are enabled by technology and can think independently and creatively when formulating solutions.

•        Solid experience with Archiving Solutions, Data Replications, Disaster Recovery Technology
•        Cloud Back-Up and Archiving Solutions (integration between Cloud and on premises)
•        Experience with BCM and Incident Recovery tools is desirable
•        Expert Understanding of: Personal Data Protection, Statutory / Regulatory Health check, Annual Compliance Services, Intellectual Property Law, Consumer Protection
•        Knowledge of cyber risk and data management frameworks and ability to conduct pilots to realize quick wins
•        Skilled in drafting and presenting client proposals

Behavioural Competencies:

•        Exceptional communication skills, both written and verbal
•        Able deliver multiple engagements on time and within budget
•        Proven ability to make decisions and the right judgement calls in complex projects and situations
•        Creates a culture of trust, ownership and accountability across teams and projects
•        On the job coaching for managers and professional staff and taking accountability for multiple large engagements
•        Manages large engagement / multiple engagement deadlines holistically, identifying risks and escalating
•        Drives continuous improvement
•        Custodian of the business, shaping offerings that we need to proactively take to the market

Qualifications
Minimum Qualifications

• Relevant Degree, Honours or Post Graduate Diploma professional qualifications (Law, Commence, Engineering, Computer Science or IT) e.g. LLB/CA (SA), BSc, BCom, or B.Eng or MSc

Desired Qualifications

Advanced certifications, diplomas, professional certifications, advanced degrees in Information Technology or BCom Degree, Risk Management, Sustainability, Disaster Management - examples include:

•         Qualification with the BCM Institute – CBCI, FBCI, MBCI
•         ISO22301 Lead Auditor/Implementer Certificate
•         Cisco Unity Systems Engineer
•         ITIL – IT Infrastructure Library Foundation
•         Computer security incident response team (CSIRT) engineer and/or or suitable hands-on or product specific (e.g., Microsoft Azure, Amazon AWS, etc.) experience is required.

Qualifications in data management practices such as CDMP (Certified Data Management Professional).

Practice within the Privacy domain

Experience 

•        10 - 12 years working experience
•        Senior Management experience
•        Leadership initiatives
•        data management, data modelling, data architecture, data governance, master data management, meta data management and wider data analytics experience
•        Cross functional management experience (Legal/Cyber/Data Management) is advantageous   

Desired experience:

• 7 years in a client facing role; 3 of these in a management role:

       Experience in Business Continuity Management including Crisis Management, Disaster Recovery Management and Cyber Incident Response. To assist client’s senior stakeholders understand the scope and limitations of their cyber resilience programs relative to leading practices, industry trends, and regulatory expectations. Privacy implementation according to POPIA and/or GDPR. Laws related to Information Security, Cyber Security, Data Protection and/or Privacy

       Sector specific experience in key sectors such as financial services, oil and gas, mining, retail, telecoms and technology would be considered advantageous