Risk Advisory – Cyber Identity Security – Manager at Deloitte

Job Description
The main purpose of the job is to support the Senior Manager/ Director in the delivery of services on delegated client engagement/ projects.

Focus on the management and delivery of client engagements, as well as sales and practice development.

Develop high-performing people and teams, leading and supporting them to make an impact that matters, and setting the direction to deliver exceptional client service. 

Specialised Technical Capabilities:

Plans and Manages Cyber Solutions:

•   Ability to guide teams through the design and implementation of cyber solutions in chosen Cyber sub-offering/s that reduce vulnerability, strengthen cyber security posture / controls and optimize organizational efficiency
•      Combines industry knowledge and domain experience to help client identify, assess, and manage Cyber risk
•      Oversees teams in design, implementation, transformation and resilience of identity and access management solutions.
•      Leverages an in-depth knowledge of market-specific products and solutions to enhance impact of recommended solutions
•      Proactively tailor’s implementation strategies to help ensure client’s environments are receptive to the impending change
•      Assess, Lead, define, design and implement end to-end modern on-premises and cloud based Cyber Solutions
•      Helps client define a holistic future state cyber posture to address gaps with relevant domain (sub-offering) standards and frameworks
•      Keeps in mind relevant frameworks, industry standards and the overall client’s business strategy when planning cyber assessments
•      Designs cyber solutions (e.g., ICS, Cloud Security, Strategy, vulnerability management, identity and access management) that strengthen controls on key assets, enable compliance, while increasing operational efficiency and reducing cost
•      Helps client adopt a long-term view of cyber risk management by advising on leading practices to align cyber risk with risk appetite, key industry issues, and strategic business priorities
•      Owns end-to-end delivery of cyber strategy programs across large accounts
•      Leverages a strong industry knowledge to advise clients on current and potential changes in regulations, cyber threats, and other key trends
•      Stays current on market trends and regulations, and anticipates risk / opportunities; advises client accordingly

Sales and Business Development:

  Ability to apply profitability management and sales fundamentals to support projects and pursuits

•      Understands the fundamentals of engagement profitability management and uses Deloitte sales tools, such as pricing and revenue management systems, on all engagements
•      Contributes to the development of Statements of Work (SOW), engagement budgeting, and pricing model development and develops budget, scope and staffing recommendations based on understanding of the client’s budget and project economics
•      Identifies opportunities to sell Deloitte services on current and proposed engagements where appropriate
•      Scans for business development / add-on sales opportunities; organizes these efforts under the direction of others

Technical competencies:

•   Proven winning business, staff development, exceptional delivery, business development, continuous improvement.
•   Bring deep technical (SME) and industry experience in selected Cyber sub offering (domain) to engage with clients and key stakeholders pragmatically.
•   Understands technical complexity at Network, Application, Database, Infrastructure and Cloud level.
•   Understand and interpret complex security-related business challenges and ability to respond by conceiving innovative information security/cyber solutions for clients.
•   Knowledge and appreciation of the wider Cyber Security issues and opportunities beyond the specific domain specialisation.
•   Able to scope Cyber engagements effectively and assign and manage an appropriate team to deliver against the engagement requirements.
•   Experience in the design, implementation, transformation and resilience of identity and access management solutions.
•   Experience and exposure to identity and access management solutions
•   Exposure to product solutions such as SailPoint, Savyint, CyberArk.
•   Exposure to resolution of issues with password management
•   Experience with remediation of orphan accounts and reconciliation, identity data consistency and synchronization monitoring: reconciliation, adoption
•   Experience with IAM system health and maintenance requirements
•   Experience with IAM support major incident management process and attend production call bridge for major incidents.
•   Experience with IAM product stabilization and enhancement
•   Experience with organizational change management with regard to identity and access management governance and adoption.
•   Solid understanding of compliance regulation POPIA and/or GDPR
•   Experience with Role Based Access Control
•   Experience and exposure to the following: Privileged Access Management (PAM), Privileged Identity Management (PIM), Privileged User Management (PUM)
•   Experience with major Cloud SP’s (Azure, AWS, Google) and Cloud integration
•   Access Identity Direct experience (MS AD, LDAP)
•   Experience with Role Based Access Governance
•   Experience with the following protocols: SAML (and similar), OpenID, OAUTH, FIDO, etc.
•   Experience with Cloud-based identity management solutions
•   Experience with ISO 27001 and/or other industry accepted security standards

Behavioural Competencies:

•   Excellent communication skills, both written and verbal
•   Effective engagement management
•   Able to deliver engagements on time and within budget
•   Proven ability to make decisions and the right judgement calls
•   Ability to provide leadership and guidance/coaching to junior member of the team
•   Ability to inspire and enthuse others to commitment and involvement taking accountability for larger engagements
•   Manages large engagement / multiple engagement deadlines holistically, identifying risks and escalating. 
•   Able to work under pressure
•   Ownership of deliverables driving team quality and risk management

Qualifications
Minimum qualifications:

• Relevant Degree, Honours or post graduate diploma, professional qualifications e.g. BSc, BCom, or B.Ing/Eng or MSc

Desired qualifications:

Advanced certifications, diplomas, professional certifications, advanced degrees in Cyber or information security - examples include:

•   CISM (Certified Information Security Manager)
•   CISA (Certified Information Systems Auditor)
•   ITIL
•   CISSP (Certified Information Systems Security Professional)
•   SailPoint, Savyint, CyberArk or similar product certifications or suitable hands-on experience is required.

Experience:

• 5 years in a client facing role; 3 of these in a management role
• 8- 10 years of progressive experience with role(s) in a professional, consulting services (including boutique security firm), public and/or private sector organisations is required.
• Experience in the design, implementation, transformation and resilience of identity and access management solutions