Job Vacancies at Deloitte

Job Description

What you’ll do

• Supports engagement team in delivery of offensive cyber security services to identify security weaknesses within client's IT environments, reporting on issues and making recommendations for their remediation.

Responsibilities

The work you perform will include:

• Perform vulnerability assessment and penetration testing
• Perform Web Application Security Assessments
• Perform Social Engineering Assessments
• Perform Red Teaming Exercises
• Perform technology configuration reviews
• Apply problem solving skills and deliver Deloitte methodology on engagements
• Develop excellent professional oral and written communication skills in order to establish working relationships with client personnel
• Develop professional skills in various technology risk / security and privacy domains
• Build industry knowledge to understand risk management issues relevant to that particular business
• Exercise professional judgment on engagements by providing proactive solutions and recommendations
• Provide recommendations for improved and enhanced business efficiency to clients

Your role as a leader

• At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Analyst, Consultant across our Firm are expected to:
• Demonstrate a strong commitment to personal learning and development.
• Understand how our daily work contributes to the priorities of the team and business.
• Understand the set expectations and demonstrate accountability in keeping personal performance on track.
• Actively focus on developing effective communications and relationship-building skills with stakeholders, clients and team.
• Demonstrate an appreciation for working with others.
• Understand what is fundamental to Deloitte’s success as a business.
• Demonstrate integrity and an awareness of strengths, differences, and personal impact.
• Develop their understanding of Deloitte and offer a fresh perspective.

Qualifications

Advantagous qualifications include:

• Bachelor degree or higher in Computer Engineering, Computer Science, Information Systems, Accounting Information Systems or other related fields
• CISSP, CISM, CSSLP, OSCP, CEH, GPEN or other security certifications

Experience:

• 2+ years working in-depth working experience within a penetration tester with a strong understanding and familiarity with common penetration testing methods and standards and vulnerability and threat management experience
• Must have experience of common network technologies, protocols and attacks
• Experience with exploitation frameworks (e.g., MetaSploit, Core Impact)
• Experience using common attack frameworks i.e. Cobalt Strike / Empire / PowerSploit or similar
• Experience with various security tools and products (Burp Suite, Nessus, Kali)
• Knowledge of operating systems (UNIX/Linux and Solaris, Windows) and of database management systems (Oracle, SQL Server, etc.) and web technologies (Java, PHP, ASP.NET, AJAX, etc.) and application security techniques and challenges
• Knowledge of the OWASP and OSSTMM methodologies
• Red team and cyber-attack simulation experience
• Knowledge of Social Engineering tools and techniques

go to method of application »

Main job purpose:

• Support the Cyber Strategy team and the broader Cyber team with large-scale transformational projects.
• Collaborate with interdisciplinary and varied set of team members, clients, and service providers from across the globe.
• Apply innovative thinking to define effective recommendations to clients by leveraging your experience, market knowledge and the broader Cyber Africa teams.
• Grow professionally through training, mentoring programmes and on-the-job learning.

Additionally you will be responsible for:

• Support the Engagement Manager/Senior Manager in the delivery of services on delegated client engagements/projects.
• Focus on the delivery of client engagements and share knowledge and experience with others.
• Produce high quality deliverables and support team members where required.
• Build strong client relationships and assist with growing our African footprint.
• Explore trending areas such as Artificial Intelligence (AI) and Machine Learning (ML) with the aim of automating Cyber service offerings where possible.
• Understand and interpret complex security-related business challenges and assist the engagement team/s with conceiving innovative Information Security/Cyber solutions for clients to solve their problems through security design and architecture.
• Execute complex project activities and support less experienced team members where required.
• Assist Management/Senior Management with managing client relations and expectations.
• Manage own work against the project plan to ensure a world class client experience.
• Prepare documents such as reports and assessments – amongst others.
• Facilitate client workshop sessions.

Qualifications

We are looking for

A pro-active, adaptable, and keen to grow individual with:

• The ability to build good relationships with clients and colleagues
• A minimum of 3 to 5+ years of cyber advisory work experience across various industries
• Delivery focused
• Experience in assessing risks, reviewing, and testing controls
• Experience in Risk/Governance frameworks (COBIT, ISO, NIST)
• Experience in reviewing Policies, Standards, and procedures to ensure effective, targeted, and actionable analysis
• Understand the interaction of business and technology processes/risks and explain it in business terms to both technical and non-technical audiences
• Strong logical and analytical skills
• Being able to work independently with minimal supervision
• Excellent communication skills with clients and colleagues
• Proficiency in the use of PowerPoint, Word, and Excel
• Attention to detail
• Creative and innovative thinking

Minimum qualifications:

• Relevant Degree, honours or post graduate diploma, professional qualifications e.g., B.Sc, B.Com, or B.Ing/Eng or M.Sc

Desired qualifications:

Advanced certifications, diplomas, professional certifications, advanced degrees in Cyber Security - examples include:

• ISO27001 Lead Auditor/Implementer Certificate
• ITIL – IT Infrastructure Library Foundation
• CISM – Certified Information Security Manager
• CRISC – Certified in Risk and Information Systems Control
• Security +
• (ISC)² - Certified in Cybersecurity℠
• (ISC)² - CGRC - Governance, Risk and Compliance