Senior Manager - CyberRisk

Principle Accountabilities-

Business Development - Source new business and aid in organization's growth strategies. Develop and maintain contact with top decision makers at key clients, lead aspects of the proposal development process.

- Ability to build and enhance client relationships. Handle key accounts of Rs. 1 crore+ in value each. Ability to build new contacts within existing accounts and build turnover from existing accounts.

- Ability to understand client needs and draft proposals and effort estimates

Client Service Delivery - Understanding of information security project delivery. Ability to handle team of 2-4 persons in delivering client assignments.

- May need to handle information security or data privacy projects that may not be part of core expertise, so will need to seek help from SMEs within Deloitte, interpersonal skills are important.

- Provide high quality client service, working directly with our clients to understand management expectations, evaluate the current risk management environment, and design and implement solutions to identify, assess and respond to information security risks and improve risk management capabilities across their enterprise.

Engagement Management - Knowledge of information security and data privacy service offering and industry trends. Specialization in any one service area is desirable.

- Manage engagement risk and project economics including planning and budgeting, define deliverable content, ensure buy-in of proposed solutions from top management levels at the client.

Practice Development - Development and deployment of Deloitte methodologies (related to risk assessment and prioritization, risk responses, and risk management capability assessments), supporting tools and other materials. Active involvement in eminence activities.

People Development: - Perform role of counselor and coach, and provide input and guidance to staff development initiatives.

Active involvement in eminence activities.

- Perform role of counselor and coach, and provide input and guidance to staff development initiatives.

Person Specifications-

Education - B. Tech / BE and / or MBA. MBA is desirable.

Experience - 10+ years of hands-on experience in the multiple areas of Information Security, IT Risk consulting or any other regulatory / compliance audits with focus on outsourced risk advisory services

- Experience in delivering result oriented solutions to Senior Management and Boards of Directors.

- Experience with IT Regulatorycompliance and service organisation controls audits.

- Risk assessment and other risk management consulting experience.

- Experience with creating Information Security Framework and its related policies and procedures

- Desirable - Knowledge of Enterprise application such as ERP / CRM / Banking applications and native application controls

- Knowledge of IT Security aspects towards key areas like Cloud Computing, Cyber Risks, Network Security, database management systems, SDLC, IT general controls (ITGC), COBIT, COSO 2013, ISO 27001 2013.

- Excellent written and oral communication skills e.g. presentation to top management and report writing

- Proficiency with Microsoft Office applications

- Experience in managing professional service engagement teams

Certification - Essential: CISA

- Desirable: CISSP, CISM, ISO27001

Skills & Abilities - Good written and oral communication skills

- Team Management skills

- Organising Skills (Reporting, timeline management, etc.)

- Project Management skills

- Business Development