Jobs Career Advice Signup
X

Send this job to a friend

X

Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Jan 10, 2022
    Deadline: Not specified
    • @gmail.com
    • @yahoo.com
    • @outlook.com
  • Never pay for any CBT, test or assessment as part of any recruitment process. When in doubt, contact us

    Deloitte is one of the country's leading professional services firms in Southern Africa, and is dedicated to assisting companies succeed in the business environment- whether it be through our tax, audit, consulting or financial advisory services. At Deloitte, we understand that solutions are not just a static one dimensional report, but rather, an integrated...
    Read more about this company

     

    Risk Advisory – Cyber Risk- Emerging Technology – Senior Consultant

    Job Description
    The main purpose of the job is to support the engagement Manager/Senior Manager in the delivery of services on delegated client engagement/ projects.

    Focus on the delivery of client engagements and shares knowledge and experience with others

    Able to produce high quality deliverables and support junior team members. 

    Specialised Technical Capabilities:

    Supports the Development and Implementation on of Cyber Risk Solutions:

      Demonstrates an understanding of designing and implementing security solutions for industrial control Systems (ICS) in critical infrastructure, manufacturing sectors, power and utilities, oil & gas, chemical, and/or consumer products manufacturing. Possess an understanding of ICS/OT fundamentals, including but not limited to:

    •      Understanding OT related systems such as control systems (DCS) and supervisory control & data acquisition (SCADA) systems.
    •      Understanding of Network and communication protocols common in ICS environments.
    •      Understanding of ICS design considerations with emphasis on human and environmental safety, and the availability/reliability and security of the operational environment.
    •      Understanding and Knowledge of leading IT and OT security practices.
    •      Ability to apply relevant standards such as NIST 800-82 and IEC 63443
    •      Preparation and maintenance of policies, procedures and standards governing the security operations for ICS systems and networks.
    •      Demonstrates knowledge and/or proven record of success in security technologies such as firewalls, IDS/IPS, endpoint security solutions, access control systems, and other related security technologies within ICS Environment:
    •      In depth understanding of operating systems, network/system architecture, and architecture design aligned to engineering design methodologies.
    •      In depth understanding with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS).
    •      Aptitude to apply and utilise security tools and solutions to conduct risk assessment and understanding of the threat landscape on OT systems.
    •     Ability to learn new tools and techniques to automate manual effort and leverage digital solutions where possible.
    •      Understanding of IT and OT network communication protocols (e.g. TCP/IP, UDP. DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)
    •      Understanding of Industrial Internet of Things (IIoT) and Cloud services and their security implications in ICS,
    •      Understanding of OT and IT technology convergence and data interchange techniques, and their associated security techniques; and,
    •      Understanding of threats, vulnerabilities, and exploits in OT/ICS environments and appropriate mitigation techniques.

    Good technical capability and technical certifications would be advantageous

    •   Certified Information Systems Security Professional (CISSP) [ISC2]
    •   SABSA (Sherwood Applied Business Security Architecture)
    •   GICSP (Global Industrial Cybersecurity professional)
    •   Certified SCADA security Architect - CSSA
    •   Ability to identify patterns, and analyse and improve processes (business analysis)
    •   Software development and engineering including DevSecOps: fundamentals and experience
    •   Project Management including Agile Project Management (SAFE Agile, etc.)

    Behavioural Competencies:

    •   Excellent communication skills, both written and verbal
    •   Aptitude for learning new methods, techniques and tools
    •   Be able to demonstrate learning agility to new and emerging cyber threat
    •   Consistently delivers high quality work.
    •   Ability to meet deadlines (reliable and dependable)
    •   Able to Multi-task
    •   Proven initiatives in providing guidance to junior members of the project team
    •   Demonstrates readiness to take decisions
    •   Displays initiatives and takes accountability for delivery of work
    •   Assumes manager responsibility on delivery of assignments where required under pressurised circumstances
    •   Able to work under pressure
    •   Ability to prioritize competing responsibilities as per their urgency and importance, ability to multi-task on various client engagements

    Qualifications
    Minimum qualifications:

    • Relevant Degree, Honours or post graduate diploma, professional qualifications e.g., BSc Engineering (Electrical, mechanical, industrial, computer, electronics), BCom, or B. Ing/Eng or MSc

    Desired qualifications:

    Advanced certifications, diplomas, professional certifications, advanced degrees in Cyber or information security - examples include:

    •   CISM (Certified Information Security Manager)
    •   CISSP (Certified Information Systems Security Professional)
    •   ISMP (Information Security Management Principles)
    •   CCSP (Certified Cloud Security Professional)
    •   Certified Ethical Hacker – EC Council
    •   ISO27001 Lead Auditor/Implementer Certificate
    •   SABSA Chartered Security Architect
    •   (TOGAF) The Open Group Architecture Framework
    •   Cisco Unity Systems Engineer
    •   ITIL – IT Infrastructure Library Foundation

    Experience:

    3+ years of progressive experience with role(s) in a professional, consulting services (including Boutique Security Firm), public and/or private sector organizations is required.

    •   At least two years of those being exposed to industrial processes and or plant environment
    •   Demonstrates thorough knowledge and/or proven record of success designing and implementing security solutions for industrial control Systems (ICS) in critical infrastructure and/or manufacturing sectors, such as power and utilities, oil & gas, chemical, and consumer products manufacturing.
    •   Possess an understanding of ICS/OT fundamentals, including but not limited to:
    •   Understanding of Distributed control systems (DCS) and supervisory control & data acquisition (SCADA), Manufacturing Execution Systems (MES) and related architectures and components.
    •   Understanding of Network and communication protocols common in OT/ICS environments.
    •   Familiarity with Safety Instrumented Systems (SIS)
    •   Understanding of ICS design considerations with emphasis on human/environmental safety, availability/reliability and security of the operational environment.
    •   Understanding and Knowledge of leading IT and OT security practices and IT/OT convergence principles and secure data exchange techniques; and,
    •   Preparation and maintenance of policies, procedures and standards governing operations for ICS systems and networks.

      Experience with the one or more of the following:

    •       ISA/IEC 62443
    •       NIST Cyber Security Framework for Critical Infrastructures (CSF)
    •       NIST SP-800-82 and SP-800-53
    •       ISO/IEC 27001/2
    •       ISA 95/ Purdue Functional Model for Operational Technology

    Method of Application

    Interested and qualified? Go to Deloitte on jobs.smartrecruiters.com to apply

    Build your CV for free. Download in different templates.

  • Send your application

    View All Vacancies at Deloitte Back To Home

Subscribe to Job Alert

 

Join our happy subscribers

 
 
Send your application through

GmailGmail YahoomailYahoomail