Risk Advisory - Cyber Risk - Cloud - Senior Manager at Deloitte

Supports the business leadership in the implementation of strategic plan and the effective management of team/s. Build high performing teams to deliver in client engagements. Translate broader business strategy into a compelling team vision and goals. Applies deep knowledge of disruptive trends and competitor activity to drive continuous improvement. Is a custodian and SME of an area of value within the business (e.g. one or more Cyber sub-offering).

Technical Competencies:

• Proven winning business, staff development, exceptional delivery, business development, continuous improvement.
• Bring deep technical (SME) and industry experience in selected Cyber sub offering (domain) to engage with clients and key stakeholders pragmatically.
• Understands technical complexity at Network, Application, Database, Infrastructure and Cloud level.
• Understand and interpret complex security-related business challenges and ability to respond by conceiving innovative information security/cyber solutions for clients.
• Strong on design and delivery of end-to-end information security solutions which are enabled by technology and can think independently and creatively when formulating information security solutions.
• Strong in the field of cybersecurity and data protection including current technologies and their applications within a business context.
• Can develop security architecture with a focus on senior management challenges.
• Experience in translating clients' risk, security, and compliance requirements into specific Cloud security solutions and design patterns.
• Applying Cloud Security Reference Architecture to deliver consistent, standardized solutions for Identity & Access Management, Data Protection, Secure DevOps, Security Operations, and other security domains.
• Designing solutions for integration between Cloud and on-premises security solutions.
• Solutions Architect experience.
• Experience designing and/or delivering complex security solutions, such as Identity & Access Management, Data Protection and DLP, SIEM, and IDS/IPS.
• Designing target operating model to support proposed solutions.
• Collaborating and coordinating solution design and development work with other Cyber sub Solution Architects in Infrastructure, IT Strategy, Service Delivery, etc.
• Managing/operating public, private and hybrid cloud solutions
• Utilizing and applying knowledge of Cloud solutions across IaaS, PaaS & SaaS into projects, such as AWS, Azure, OpenStack, Cloud Foundry, Salesforce, Microsoft Office 365, Box etc.
• Utilizing and applying knowledge of enterprise security and Cloud security specific solutions into projects such as: IAM/IDaaS, CASB, Identity Governance, Cloud SOC/SIEM, Key Management & Encryption.

Laws and regulations related to Information Security, Cyber Security, Data Protection and/or Privacy especially where relevant to the Cloud.

Good technical capability and technical certifications in the following areas:

• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP) [ISC2]
• SABSA (Sherwood Applied Business Security Architecture)
• CISSP-ISSAP (Certified Information Systems Security Professional-Information Systems Security Architecture Professional) [ISC2]
• ISMP (Information Security Management Principles)
• Cloud Security engineering/design/operations:
• CCSP - Certified Cloud Security Professional [ISC2]
• AWS Security
• Azure Security Engineer
• Google Cloud and Apigee Security
• SalesForce, Mulesoft and other SaaS solutions specific security topics
• Working knowledge in Palo Alto, Prisma, Netskope
• Amazon and/or Microsoft certified Solutions Architect.
• Ability to identify patterns, and analyse and improve processes (business analysis)
• Software development and engineering including DevSecOps: fundamentals and experience
• IT System and networks design, build and administration
• Project Management including Agile Project Management (SAFE Agile, etc.)
• DevOps toolsets (CI/CD pipeline) and corresponding DevSecOps capabilities
• Microservices, containerisation, server-less computing/FaaS
• Software defined networking (e.g., SDN, SD-WAN and SDP)
• Software Programming/Coding in variety of languages
• Related Technical fundamentals at that point in time and what the market is procuring

Behavioural Competencies:

• Exceptional communication skills, both written and verbal
• Able deliver multiple engagements on time and within budget
• Proven ability to make decisions and the right judgement calls in complex projects and situations
• Creates a culture of trust, ownership and accountability across teams and projects
• On the job coaching for managers and professional staff and taking accountability for multiple large engagements
• Manages large engagement / multiple engagement deadlines holistically, identifying risks and escalating
• Drives continuous improvement
• Custodian of the business, shaping offerings that we need to proactively take to the market

Qualifications
Minimum Qualifications

• Relevant Degree, honours or post graduate diploma, professional qualifications e.g. B.Sc, BCom, or B.Ing/Eng or M.Sc.

Desired Qualifications
Advanced certifications, diplomas, professional certifications, advanced degrees in Cyber or information security - examples include:

• CISM (Certified Information Security Manager)
• CISSP (Certified Information Systems Security Professional)
• ISMP (Information Security Management Principles)
• Cloud engineering Cloud Security
• CCSP (Certified Cloud Security Professional) for AWS + Azure + GCP
• Working knowledge in Palo Alto, Prisma, Netskope
• Amazon and/or Microsoft certified Solutions Architect or suitable hands-on experience is required.

Minimum Experience

• 10 -12 years’ working experience

Desired Experience

• 7 years in a client facing role; 5 of these in a management role