Africa Talent by Deloitte - M&A IT Security -Senior Consultant at Deloitte

Job Description
What impact will you make?

Organizations want to change or strengthen their direction through Mergers and Acquisitions, while Information Risk Management and data protection regulations are growing. How to manage risks in line with the business risk appetite and ensuring a smooth integration after the deal is done?

While the dynamic M&A area is expected to grow in the coming years, the same applies for the risk exposure related to it, especially due to the recent digitalization boom.

You are eager to help clients uncovering information risks as early as possible before the deal, identifying potential red flags, but also potential synergies. IRM M&A is about working at the intersection of (new) business and technology to support our clients in conducting M&A in a responsible way.

We understand our clients’ business needs and have deep knowledge and experience in managing relevant risks (Strategic, Controls, Cyber, Privacy, Regulatory etc.) and to support them during the M&A cycle.

How you will make an impact

• Perform Due Diligences on M&A related to information risks
• Interact with various stakeholders at the client i.e. IT managers, Legal, IRM managers, IT analysts, to identify risks and communicate these
• Interface with IT, business, senior level executives and third parties of client
• Propose mitigation actions
• Actively participate in client’s teams and community meetings
• Ensure our clients continue to focus on risks significant to the business, with emphasis on innovation
• Supervising and coaching less experienced professionals in the team
• Support with business development activities as the IRM Due Diligence capability is currently being developed

Qualifications

• You are analytical and content wise very strong, but you can also explain your insights to clients in an understandable way. Moreover, you like to work with many different stakeholders and get energized coaching and guiding less experienced colleagues in an inspiring way. For this vacancy you also have:

Minimum Qualifications

• A completed a University degree in the area of business administration, such as Business Information Management, Business Economics, Business Administration, Information systems
• A qualification in CISA, CISSP, CRISC or CISM

Experience & Skills

• At least 4 years work experience in the field of IT audit, IT controls or Information Risk Management
• Strong all-round knowledge of IT security, Cyber and IT controls
• Knowledge of COSO, ERM, three lines of defense, governance and data protection regulation e.g. GDPR
• Mergers, acquisitions and divestment experience (preferably with Information risk or Due Diligence)
• Strong communication and stakeholder management skills – professionals will engage with variety of stakeholders (from senior business leaders to technical experts)
• Preferably technical knowledge & relevant experience in security domains/ technologies related to:  Infrastructure/ Network security; Identity and Access Management; Business Impact Assessment; Application security; Data Leakage Prevention; End Point Protection; Web filtering technologies; Proxies and firewalls; Vulnerability Assessment / Penetration Testing
• Understanding of business model design, business value generation and can translate this into IT risks
• Excellent command of English language, spoken and written