Job Ref #: ADV CYB JHB 01OCT24 KM
Industry: Advisory
Job Type: Permanent
Positions Available: 1

Job Description

Purpose of the role:

To qualify for the role, you must have:
 - Minimum of 4 years' experience 
 - Experience in assessing an implementing security and risk standards including ISO 2700X, NIST, ITIL, COBIT
 - Experience in security risk assessment and planning using different frameworks and tools
 - Experience in penetration testing on infrastructure, network, wep applications, and source code review
 - Experience in cloud security benchmarking, risk assessment and cyber solutions
 - Manage security configurations reviews on operating systems, databases and network devices
 - Experience in cybersecurity awareness training, VAPT, MDR, SOC/SIEM, etc.
 - Bachelor's degree in computer science, Information Systems, or related training in Information Security
 - Industry certification (e.g., CompTIA Security+, CEH, CISSP)

 

Job Requirements

Requirements:

To qualify for the role, you must have:
 - Minimum of 4 years experience 
 - Experience in assessing an implementing security and risk standards including ISO 2700X, NIST, ITIL, COBIT
 - Expereince in security risk assessment and planning using different frameworks and tools
 - Expereince in penetration testing on infrastructure, network, wep applications, and source code review
 - Expereince in cloud security benchmarking, risk assessment and cyber solutions
 - Manage security configurations reviews on operating systems, databases and network devices
 - Experience in ybersecurity awareness training, VAPT, MDR, SOC/SIEM, etc.
 - Bachelors Degree in Computer Science, Information Systems, or related training in Information Security
 - Industry certification  (e.g., CompTIA Security+, CEH, CISSP)

Business /Brand Development/Operational Excellence:

BDO Brand:

Develops effective networks/relationships inside and outside of the firm and maintains the contacts to identify opportunities. Provide key contacts per year (new or old) and evidence of contact activities i.e. meetings and outcomes.
- Identifies opportunities and grow existing client base, inclusive of the public sector, to a minimum of 1200k per annum. This includes cross selling BDO's other departments’ services into our contacts & clients. 
- Compiles at least 12 technical proposals (min of 1 per month) proposals and/or tenders annually to meet current and/or prospective clients' expectations. 
- Identifies at least 2 opportunities, write-ups or presentations in a year for the development of new products or promotion of current services and procedures. 
- Understands and speaks knowledgeably about the Cyber Lab service line.
- Assists in the BEE activities/actions in both the BDO and Cyber arena (Staff, procurement & Clients)
- Ensures that a client satisfaction survey is completed after the completion of the engagement. (NPS Scoring and Rating) 

Policies & Procedures:

Ensures personal and team adherence to BDO policies and procedures (leave, dress code, conduct etc.)

Staff:

 Manages team effectively on a day-to-day basis (staff, budgets, deadlines) ensuring that a plan is followed, and objectives are met.

Time sheets:

 Reviews timesheets/WIP reports and travel claims on Maconomy every Monday by 12H00 and on the same day carries out formal follow-ups on staff who have not submitted their timesheets. 

Productivity:

 Check productivity levels for self (60%), ensure they are meeting the set levels and communicate productivity levels to Managers weekly.

Audit:

- Gives feedback to senior managers at audit debriefs or when required to do so, escalates problems to senior managers promptly
- Ensures the engagement letter is prepared at least 1 week before starting date of the audit and/or the Audit Committee whichever is first.

Budget:

Participates in the compilation of the Cyber department's annual budget.

Financial:

 Ensure WIP is billed monthly.
- Debtors should be kept with a minimum of 30 days including write offs, & provisions. 
- Minimum of 65% recoverability on one’s portfolio. 
- Check productivity levels for self and staff ensure they are meeting the set levels and communicate productivity levels to staff on a monthly basis

 

Client:

Ensures all client background information is obtained and is filed on the server a week before the engagement commences.
- Obtain an understanding of the problem during the client meeting and ensure the problem is formally documented and filed eletrinically.
- Ensures that performance and documentation of work comply with the Cyber methodology through progressive/continuous review of work papers.
- IT reviews –Performance and documentation of work is per defined filing method.
- Ensures on-site presence at least 24hrs on an 80hrs assignment.

Staff:

Communicates all appropriate deadlines to  staff and monitor progress according to pre-established time lines through:
     The Debrief meeting
     Scope and Time Budgets
- Identifies engagement resource requirements and ensures that the most appropriate resources are assigned to specific assignment roles – update the planning board at least a month in advance for staff with upcoming assignments.
- Provide update as and when an assignment is confirmed however should be showing staff occupation every week

Reviews:

Ensures an effective audit programme is prepared a day after Process documentation is reviewed.
- Performs review of work papers within two days of receipt from staff with final Manager’s review done within a week after fieldwork is complete.
- Reviews the work papers as the work progresses and final file before closeout meeting
- Ensures the draft report is produced for Director review within a week after fieldwork reviews are complete.
- Ensures the draft report is produced for Director’s review and discussed with client at the closeout for any changes.

Reviews:

Issues Final report, with client responses/comments addressed to the client, after Director’s approval within two weeks after the draft report issue date.

- Issue the final report within a month after the draft report depending on the nature of the investigations.
- Ensures the Audit File is up to the standard required for an external Quality Assurance Review according to the QAR Checklist.  
- Management of change control in respect off the quality procedures as set out in the Quality Manual.
- Ensures that the audit file is in the defined format.
- Should ensure the supporting documentation are filed.

- Judges the sensitivity of both client and management information and treats it appropriately

Relationship:

Develops team spirit/building in the Department involving the team members:
- Involvement through Leading meetings
- Building relationships through social events
- Building Trust through transformation
- Developing successful teams by working together

Staff Development:

- R50artment involving the team members:
     Involvement through Leading meetings
     Building relationships through social events
     Building Trust through transformation
     Developing successful teams by working together
- Conducts effective on the job training, ensuring that training needs of the junior staff are appropriately addressed through knowledge impartation and use of coaching notes/review notes. Feedback will be given through 360 evaluations done yearly.
- Obtains feedback from staff and check that instructions are understood and observed – hold audit debriefs N52 embodying behaviours consistent with the TEC vision and values that others respect and from which they learn. Feedback will be given through 360 evaluations done yearly.

Own Development:

Identify training needs/ gaps
- Arrange with Director for required training/ courses
- Remains technically up to date - maintenance of CPE/ CPD Hours and/or attending at least 4 relevant courses/ conferences/ seminars in a year

REACT:

REACT is a promise to ourselves to ALWAYS DO THE RIGHT THING and create a space that is safe and comfortable for our colleagues to speak up. We need to BE EXCEPTIONAL and drive a culture that allows us to deliver the best service to our clients and ADD VALUE through actively seeking new ways to deliver efficiently and effectively. A proactive attitude to COLLABORATE TO WIN by utilising all our resources as we can only be STRONGER TOGETHER by working as one.