Deloitte Risk Advisory – Cyber Risk- Emerging Technology – Assistant Manager Jobs in South Africa

Deloitte Risk Advisory – Cyber Risk- Emerging Technology – Assistant Manager Jobs in South Africa


Company Description

  • Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax and related services. Our global network of member firms and related entities in more than 150 countries and territories (collectively, the “Deloitte organisation”) serves four out of five Fortune Global 500® companies. Learn how Deloitte’s approximately 312,000 people make an impact that matters at www.deloitte.com.

    About the Division

  • The value that Deloitte Risk Advisory Africa creates for organisations is synonymous with operational excellence. Our five business areas work in unison to provide integrated solutions unique to the organisational requirements of any business.

  • In a world that is constantly changing, organisations need to adapt quickly to respond to new risks and take advantage of new opportunities. Deloitte's Risk Advisory practice advises organisations on how to effectively mitigate risk and make informed and intelligent risk decisions around business processes, technology and operations.

    What impact will you make?

  • Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration and high performance. As the undisputed leader in professional services, Deloitte is where you’ll find unrivalled opportunities to succeed and realise your full potential.

    Job Description

  • The main purpose of the job is to support the engagement Manager/Senior Manager in the delivery of services on delegated client engagement/ projects.

  • Focus on the delivery of client engagements and shares knowledge and experience with others

  • Able to produce high quality deliverables and support junior team members.

    Specialised Technical Capabilities:

    Supports the Development and Implementation on of Cyber Risk Solutions:

  • Demonstrates thorough knowledge and/or proven record of success designing and implementing security solutions for industrial control Systems (ICS) in critical infrastructure, manufacturing sectors, power and utilities, oil & gas, chemical, and/or consumer products manufacturing. Possess an understanding of ICS/OT fundamentals, including but not limited to:

  • Understanding OT related systems such as control systems (DCS) and supervisory control & data acquisition (SCADA) systems.

  • Understanding of Network and communication protocols common in ICS environments.

  • Understanding of ICS design considerations with emphasis on human and environmental safety, and the availability/reliability and security of the operational environment.

  • Understanding and Knowledge of leading IT and OT security practices.

  • Ability to apply relevant standards such as NIST 800-82 and IEC 63443

  • Preparation and maintenance of policies, procedures and standards governing the security operations for ICS systems and networks.

  • Demonstrates knowledge and/or proven record of success in security technologies such as firewalls, IDS/IPS, endpoint security solutions, access control systems, and other related security technologies within ICS Environment:

  • In depth understanding of operating systems, network/system architecture, and architecture design aligned to engineering design methodologies.

  • In depth understanding with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS).

  • Aptitude to apply and utilise security tools and solutions to conduct risk assessment and understanding of the threat landscape on OT systems.

  • Ability to learn new tools and techniques to automate manual effort and leverage digital solutions where possible.

  • Understanding of IT and OT network communication protocols (e.g. TCP/IP, UDP. DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)

  • Understanding of Industrial Internet of Things (IIoT) and Cloud services and their security implications in ICS,

  • Understanding of OT and IT technology convergence and data interchange techniques, and their associated security techniques; and,

  • Understanding of threats, vulnerabilities, and exploits in OT/ICS environments and appropriate mitigation techniques.

  • Good technical capability and technical certifications would be advantageous

  • Certified Information Systems Security Professional (CISSP) ISC2

  • SABSA (Sherwood Applied Business Security Architecture)

  • GICSP (Global Industrial Cybersecurity professional)

  • Certified SCADA security Architect - CSSA

  • Ability to identify patterns, and analyse and improve processes (business analysis)

  • Software development and engineering including DevSecOps: fundamentals and experience

  • Project Management including Agile Project Management (SAFE Agile, etc.)

    Behavioural Competencies:

  • Excellent communication skills, both written and verbal

  • Aptitude for learning new methods, techniques and tools

  • Be able to demonstrate learning agility to new and emerging cyber threat

  • Consistently delivers high quality work.

  • Ability to meet deadlines (reliable and dependable)

  • Able to Multi-task

  • Proven initiatives in providing guidance to junior members of the project team

  • Demonstrates readiness to take decisions

  • Displays initiatives and takes accountability for delivery of work

  • Assumes manager responsibility on delivery of assignments where required under pressurised circumstances

  • Able to work under pressure

  • Ability to prioritize competing responsibilities as per their urgency and importance, ability to multi-task on various client engagements

    Minimum qualifications:

  • Relevant Degree, Honours or post graduate diploma, professional qualifications e.g., BSc Engineering (Electrical, mechanical, industrial, computer, electronics), BCom, or B. Ing/Eng or MSc

    Desired qualifications:

  • Advanced certifications, diplomas, professional certifications, advanced degrees in Cyber or information security - examples include:

  • CISM (Certified Information Security Manager)

  • CISSP (Certified Information Systems Security Professional)

  • ISMP (Information Security Management Principles)

  • CCSP (Certified Cloud Security Professional)

  • Certified Ethical Hacker – EC Council.

  • ISO27001 Lead Auditor/Implementer Certificate.

  • SABSA Chartered Security Architect.

  • (TOGAF) The Open Group Architecture Framework.

  • Cisco Unity Systems Engineer.

  • ITIL – IT Infrastructure Library Foundation.

    Experience:

  • 3+ years of progressive experience with role(s) in a professional, consulting services (including Boutique Security Firm), public and/or private sector organizations is required.

  • At least two years of those being exposed to industrial processes and or plant environment

  • Demonstrates thorough knowledge and/or proven record of success designing and implementing security solutions for industrial control Systems (ICS) in critical infrastructure and/or manufacturing sectors, such as power and utilities, oil & gas, chemical, and consumer products manufacturing.

  • Possess an understanding of ICS/OT fundamentals, including but not limited to:

  • Understanding of Distributed control systems (DCS) and supervisory control & data acquisition (SCADA), Manufacturing Execution Systems (MES) and related architectures and components.

  • Understanding of Network and communication protocols common in OT/ICS environments.

  • Familiarity with Safety Instrumented Systems (SIS)

  • Understanding of ICS design considerations with emphasis on human/environmental safety, availability/reliability and security of the operational environment.

  • Understanding and Knowledge of leading IT and OT security practices and IT/OT convergence principles and secure data exchange techniques; and,

  • Preparation and maintenance of policies, procedures and standards governing operations for ICS systems and networks.

    Experience with the one or more of the following:

  • ISA/IEC 62443.

  • NIST Cyber Security Framework for Critical Infrastructures (CSF).

  • NIST SP-800-82 and SP-800-53.

  • ISO/IEC 27001/2.

  • ISA 95/ Purdue Functional Model for Operational Technology.

    How to Apply

  • For more information and job application details, see; Deloitte Risk Advisory – Cyber Risk- Emerging Technology – Assistant Manager Jobs in South Africa ​


    Find daily jobs in South Africa. Jobs - South Africa jobs. Search our career portal & find the latest South African job positions, career opportunities & jobs in South Africa.

    Jobs in South Africa - banking jobs, IT jobs, accounting jobs, NGO jobs, business administration, ICT, UN jobs, procurement jobs, education jobs, hospital jobs, human resources jobs, engineering, teaching jobs, and other careers in South Africa.

    Find your dream job from 1000s of vacancies in South Africa posted and updated daily - click here!

  • Click here to post comments

    Join in and write your own page! It's easy to do. How? Simply click here to return to African Jobs.