Jobs Career Advice Signup

Send this job to a friend


Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Sep 1, 2021
    Deadline: Not specified
  • Deloitte is one of the country's leading professional services firms in Southern Africa, and is dedicated to assisting companies succeed in the business environment- whether it be through our tax, audit, consulting or financial advisory services. At Deloitte, we understand that solutions are not just a static one dimensional report, but rather, an integrated...
    Read more about this company


    Risk Advisory – Cyber Strategy - Security Architect – Senior Consultant

    Job Description

    • The main purpose of the job is to support the engagement Manager in the delivery of services on delegated client engagement/ projects.
    • Focus on the delivery of client engagements and shares knowledge and experience with others
    • Able to produce high quality deliverables and support junior team members. 

    Specialised Technical Capabilities:

    Supports the Development and Implementation on of Cyber Risk Solutions:

    •   Ability to develop and execute strategies, architectures, and roadmaps to provide client with need-based, value-adding, and cost-effective Cyber risk solutions
    •      Ability to analyse the client’s cyber security infrastructures to enable targeted and data-driven enhancements
    •      Keeps in mind the client’s business needs when developing assessment frameworks to ensure effective, targeted, and actionable analyses
    •      Applies multiple security testing methodologies and techniques to assess client’s security infrastructures and identify / evaluate vulnerabilities
    •      Gathers data and determines priority criteria to build an integrated roadmap that addresses all facets of a Cyber Assessment or implementation
    •      Assesses cyber security policies and procedures to analyse compliance with regulatory requirements and evaluate overall operational efficiency; provides clients with mitigating solutions
    •      Is proficient with multiple domain-specific cyber security technology solutions and can effectively design the integration of them to meet and exceed client’s needs
    •      Enables sustainability and continuous improvement of cyber security solutions by assessing and enhancing client’s cyber security governance infrastructures
    •      Understands and applies cyber threat intelligence and profiling to the design and assessment of client systems
    •      Tests the effectiveness of client’s cyber security technologies to identify and articulate opportunities for improvement across the digital, physical, and social elements of the client
    •      Conducts complex business process assessments to help clients identify, analyse, and prioritize gaps and risks; applies findings to make recommended upgrades aligned to the overall strategy
    •      Develops effective and sustainable technology and Cyber risk management strategies by tailoring leading Cyber frameworks on key clients’ business and technology needs
    •     Understands the interaction of business and technology processes / risks and can explain it in business terms to both technical and non-technical audiences

    Technical competencies:

    •   Knowledge and appreciation of the wider Cyber Security issues and opportunities beyond the specific domain specialisation
    •   Display an understanding of Security architecture
    •   Understanding and experience with developing architecture artefacts using modelling methods such as ArchiMate™, UML, BPMN and/or others
    •   Awareness of Enterprise Architecture and understanding of Enterprise Security Architecture
    •  Strong knowledge of Third-Party management
    •   Technical skills such as Java, Javascript, Unix / Windows system administration and scripting are preferred.
    •   An understanding of at least one of the leading IAM products (Sailpoint, CyberArk, Forgerock or others)
    •   Well acquainted with LDAP, PKI, SSL, JNDI,
    •   Apply solutions and products in the following IT security areas:  Data
    •   Data Leak Prevention     
    •   Classification Solutions  
    •   Endpoint and network security
    •   Data encryption including endpoint, email and databases
    •   Cryptography, PKI and centralized key management
    •   Database, networking, messaging, web proxy technologies  
    •   Good working knowledge of networks and network architecture and integrations
    •   Understanding of information security principles and best practice (e.g., ISO27001 and ISF Standards of Good Practice for Information Security)  

    Good technical capability and technical certifications in the following areas:

    •   Software / solution architecture, design and development
    •   Secure architecture and engineering principles
    •   Development and open source technology experience
    •   Understands the integration points of Cyber sub offering with broader Digital Risk, Cyber Risk and enterprise consulting offerings in line with market demand.
    •   Apply deep knowledge of disruptive trends and competitor activity to drive continuous improvement.
    •   Certified Information Security Manager (CISM)
    •   Certified Information Systems Security Professional (CISSP) [ISC2]
    •   SABSA (Sherwood Applied Business Security Architecture)
    •   CISSP-ISSAP (Certified Information Systems Security Professional-Information Systems Security Architecture Professional) [ISC2]

      Cloud Security:

    •      AWS Security
    •      Azure Security Engineer
    •      Google Cloud and Apigee Security
    •      SalesForce, Mulesoft and other SaaS solution specific security learning
    •      SalesForce, Mulesoft and other SaaS solution specific security learning

      Information and Cyber Security Frameworks: ISO/IEC 27001/2; NIST SP800-53; NIST CSF; CYBOK

    •   ISO 27001 Lead Implementer/Auditor
    •  SWIFT CSP (Cyber Security Programme)
    •   IoT: internet of things security
    •  CCISO (Certified Chief Information Security Officer) [EC Council]
    •   Ability to identify patterns, and analyse and improve processes (business analysis)
    •   Software development and engineering including DevSecOps: fundamentals and experience
    •   IT System and networks design, build and administration
    •   Project Management including Agile Project Management (SAFE Agile, etc.)
    •   Microservices, containerisation, DevOps toolsets (CI/CD pipeline)
    •   Software Programming/Coding in variety of languages
    •   Related Technical fundamentals at that point in time and what the market is procuring

    Behavioural Competencies:

    •   Excellent communication skills, both written and verbal
    •   Consistently delivers high quality work.
    •   Ability to meet deadlines (reliable and dependable)
    •   Able to Multi-task
    •   Proven initiatives in providing guidance to junior members of the project team
    •   Demonstrates readiness to take decisions
    •   Displays initiatives and takes accountability for delivery of work
    •   Assumes manager responsibility on delivery of assignments where required under pressurised circumstances
    •   Able to work under pressure
    •   Ability to prioritize competing responsibilities as per their urgency and importance, ability to multi-task on various client engagements

    Minimum qualifications:

    • Relevant Degree, Honours or post graduate diploma, professional qualifications e.g. BSc, BCom, or B.Ing/Eng or MSc

    Desired qualifications:

    Advanced certifications, diplomas, professional certifications, advanced degrees in Cyber or information security - examples include:

    •   CISM (Certified Information Security Manager)
    •   CISSP (Certified Information Systems Security Professional)
    •   ISMP (Information Security Management Principles)
    •   CCSP (Certified Cloud Security Professional)
    •   Certified Ethical Hacker – EC Council
    •   ISO27001 Lead Auditor/Implementer Certificate
    •   SABSA Chartered Security Architect
    •   (TOGAF) The Open Group Architecture Framework
    •   Cisco Unity Systems Engineer
    •   ITIL – IT Infrastructure Library Foundation


    • 4+ years of progressive experience with role(s) in a professional, consulting services (including Boutique Security Firm), public and/or private sector organizations is required.

      Experience in;

    •      Software / solution architecture, modelling, design and development
    •      Secure architecture and engineering principles
    •      Designing network layer security solution
    •      Web and mobile application security, including mobile gateway security and multi-channel security
    •      PCI standards and Payments
    •     Software development and open source technology experience
    •      Privacy implementation according to POPIA and/or GDPR
    •      Laws related to Information Security, Cyber Security, Data Protection and/or Privacy

    Method of Application

    Interested and qualified? Go to Deloitte on to apply

    Note: Never pay for any training, certificate, assessment, or testing to the recruiter.

  • Send your application

    View All Vacancies at Deloitte Back To Home
Average Salary at Deloitte
R 305K from 31 employees

Career Advice

View All Career Advice

Subscribe to Job Alert


Join our happy subscribers

Send your application through

GmailGmail YahoomailYahoomail