Senior Manager - Cyber Assurance
Professional Services, Consulting
Minimum Requirements
- 12+ years of experience in cybersecurity assurance, technology risk, IT audit, or related governance roles.
- Proven experience leading complex cyber assurance or cyber governance engagements within a professional services or consulting environment.
- Strong understanding of cybersecurity frameworks and leading practices, including: ISO/IEC 27001
- NIST CSF
- CIS Controls
- Zero Trust architectures
- Cloud security best practices across Azure, AWS, and GCP
- COBIT
- Hands‑on familiarity with cybersecurity concepts and cloud environments (for contextual understanding; not implementation-focused).
- Demonstrated success in business development and senior client relationship management.
- Professional certifications such as CISA, CISSP, CISM, CRISC, CCSP, ISO 27001 Lead Auditor/Implementer , or cloud security certifications are highly advantageous.
- in a Big 4 or similar professional services environment is preferred.
- Strong leadership, communication, and stakeholder management skills.
- Living our Purpose - Acts as a role model, embracing and living our purpose and values, and recognizing others for the impact they make.
- Talent development - Develops high-performing people and teams through challenging and meaningful opportunities.
- Performance drive - Delivers exceptional client service; maximizes results and drives high performance from people while fostering collaboration across businesses and borders.
- Influence - Influences clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people.
- Strategic direction - Understands key objectives for clients and Deloitte, aligns people to objectives and sets priorities and direction.
Responsibilities
- Drive business development efforts to expand Deloitte’s Cyber Assurance practice across South Africa, with support to the Africa Member Firm when needed.
- Originate and convert new opportunities focused on cyber governance, control assurance, cloud security assurance, vulnerability management assurance, and ISO 27001 reviews.
- Build and sustain strong relationships with C‑suite executives, cybersecurity leaders, audit committees, and boards.
- Represent Deloitte as a thought leader on cybersecurity governance, assurance, and risk management.
- Contribute to thought leadership, go‑to‑market strategies, and industry engagements focused on strengthening organisational cyber resilience through assurance-driven insights.
- Lead and manage complex Cyber Assurance engagements, including: Cybersecurity controls assurance (IT general controls, cybersecurity controls testing).
- Security governance and operating model assessments.
- Cloud security assurance across Azure, AWS, and GCP environments.
- Vulnerability management assurance and cyber maturity assessments.
- Identity and access management assurance.
- ISO 27001 control reviews and readiness assessments.
- Ensure all work adheres to leading industry frameworks and standards, including: ISO/IEC 27001
- NIST Cybersecurity Framework (CSF)
- CIS Controls
- Zero Trust principles
- Cloud security standards across major hyperscalers
- COBIT
- Drive high‑quality, risk-based, value-driven outcomes that enhance clients’ cybersecurity posture and control maturity.
- Leverage emerging tools and methodologies to continuously improve assurance delivery.
- Note: This role is separate from operational cybersecurity services (e.g., tool configuration, pentesting, SOC operations, incident response)
- Build, grow, and lead a high-performing Cyber Assurance team, scaling from a lean foundation to a robust capability.
- Mentor and develop practitioners at all levels, fostering a culture of excellence, collaboration, inclusion, and continuous skills development.
- Provide technical guidance on cybersecurity frameworks, assurance methodologies, cloud security concepts, and ISO requirements.
- Collaborate with regional and global Deloitte teams to bring leading practices, accelerators, and methodologies to the Africa market.
