Deloitte Risk Advisory - Cyber Risk - Emerging Technologies - Manager Jobs in South Africa

Deloitte Risk Advisory - Cyber Risk - Emerging Technologies - Manager Jobs in South Africa


Main Purpose of Job

  • Supports Senior Manager or Directors in delivery of services to / at client premises on delegated engagement / project.

  • Focus on the management and delivery of client engagements, as well as sales and practice development.

    Key Performance Areas

  • Strategic Impact

  • Budgets/Profitability

  • Differentiator

    Core Professional & Technical

  • Risk Assessment and Mitigation

  • Delivery Excellence

  • Reporting and Presentation

    Qualifications

    Minimum Qualifications

  • Relevant Degree, honours or post graduate diploma, professional qualifications e.g. B.Sc, BCom, or B.Ing/Eng or M.Sc.

    Desired Qualifications

  • CISM (Certified Information Security Manager)

  • CISSP (Certified Information Systems Security Professional)

  • ISMP (Information Security Management Principles)

  • GIAC Industrial Cyber Security Professional (GICSP) certification

  • Critical Information Infrastructure Protection (CIIP) or suitable hands-on experience is required.

    Minimum Experience

  • 8 – 10 years working experience

    Desired Experience

  • 5 years in a client facing role; 3 of these in a management role

  • 8 – 10 years of progressive experience with role(s) in a professional, consulting services (including Boutique Security Firm), public and/or private sector organizations is required.

  • Demonstrates thorough knowledge and/or proven record of success designing and implementing security solutions for industrial control Systems (ICS) in critical infrastructure and/or manufacturing sectors, such as power and utilities, oil & gas, chemical, and consumer products manufacturing. Possess an understanding of ICS/OT fundamentals, including but not limited to:

  • Understanding of Distributed control systems (DCS) and supervisory control & data acquisition (SCADA) architecture

  • Understanding of Network and communication protocols common in ICS environments;

  • Understanding of ICS design considerations with emphasis on human safety and the availability/security of operating environment;

  • Understanding and Knowledge of leading IT and OT security practices; and,

  • Preparation and maintenance of policies, procedures and standards governing the security operations for ICS systems and networks.

  • Demonstrates thorough knowledge and/or proven record of success in security technologies
    such as firewalls, IDS/IPS, endpoint security solutions, access control systems, and other related security technologies and concepts within the OT/ICS environment, including the following:

  • In-depth understanding of operating systems, network/system architecture, and ICS and IT architecture design;

  • In-depth understanding of operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, Manufacturing Execution Systems (MES) and Distributed Control Systems (DCS), and related embedded systems;

  • Understanding of infrastructure and network architecture and design, LAN/WAN implementation, and Windows/Unix/Linux environments;

  • Understanding of IT and OT network communication protocols (including TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.) and ability to perform packet analysis;

  • Understanding of Industrial Internet of Things (IIoT) and Cloud services and their security implications in ICS,

  • Understanding of OT and IT technology convergence and data interchange techniques, and their associated security techniques; and,

  • Understanding of threats, vulnerabilities, and exploits in OT/ICS environments and appropriate mitigation techniques.

    Experience with the following

  • ISA/IEC 62443

  • NIST Cyber Security Framework for Critical Infrastructures (CSF)

  • NIST SP-800-82 and SP-800-53

  • ISO/IEC 27001/2

    Behavioural

  • Excellent communication skills, both written and verbal

  • Effective engagement management

  • Able to deliver engagements on time and within budget

  • Proven ability to make decisions and the right judgement calls

  • Ability to provide leadership and guidance/coaching to junior member of the team

  • Ability to inspire and enthuse others to commitment and involvement taking accountability for larger engagements

  • Manages large engagement / multiple engagement deadlines holistically, identifying risks and escalating.

  • Able to work under pressure

  • Ownership of deliverables driving team quality and risk management.

  • Please note that this job advertisement provides a summary of the capabilities required and all candidates shortlisted will receive a full list of capabilities.

    How to Apply

    For more information and job application details, see; Deloitte Risk Advisory - Cyber Risk - Emerging Technologies - Manager Jobs in South Africa

  • Click here to post comments

    Join in and write your own page! It's easy to do. How? Simply click here to return to NGO Jobs in Africa.