Cyber Security Manager

BDO South Africa

2026/03/13   JHB Illovo

Job Ref #: ADV CYB JHB 11MAR26 KM
Industry: Advisory
Job Type: Permanent
Positions Available: 1
The role of the Manager: Cybersecurity includes contribution to technical insights relevant to client engagements and internal projects. Actively establish, maintain and strengthen internal and external relationships.  Identify potential business opportunities for BDO within existing engagements and the market, execution and management of a team of specialists, senior consultants and consultants.
Job Description

The purpose of the role:

The role of the Manager: Cybersecurity includes contribution to technical insights relevant to client engagements and internal projects. Actively establish, maintain and strengthen internal and external relationships.  Identify potential business opportunities for BDO within existing engagements and the market, execution and management of a team of specialists, senior consultants and consultants. Control engagement budget, WIP and manage debtors. The Manager: Cybersecurity will be responsible for the following key activities to achieve the main objectives:
- Managing Client Relationships
- Planning of cybersecurity, IT audit, licensing reviews and other specialised engagements
-  Execution of Cybersecurity IT audit, licensing reviews and other specialised engagements 
-  Managing the resources assigned to each project and control WIP
- Manage the day-to-day activities of any assignment (from planning, execution to reporting).
- Rolling out managed detection and response service to clients
- Manage team responsible for managed services  
- Performance management (Cyber Strategy and Planning, Testing and Verification, GRC, Security Risk Management and Incident Response, Cybersecurity Solutions)

Job Requirements

Requirements:

To qualify for the role, you must have:
 - Minimum of  7 years experience (3 years in a management position)
 - Experience in assessing an implementing security and risk standards including ISO 2700X, NIST, ITIL, COBIT
 - Experience in security risk assessment and planning using different frameworks and tools
 - Experience in penetration testing on infrastructure, network, web applications, and source code review
 - Experience in cloud security benchmarking, risk assessment and cyber solutions
 - Manage security configurations reviews on operating systems, databases and network devices
 - Experience in cybersecurity awareness training, VAPT, MDR, SOC/SIEM, etc.
 - Bachelor's Degree in Computer Science, Information Systems, or related training in Information Security
 - Industry certification (e.g., CISA, CISM, CompTIA Security+, CEH, CISSP)

Business /Brand Development/Operational Excellence:

- Develops effective networks/relationships inside and outside of the firm and maintains the contacts to identify opportunities. Provide key contacts per year (new or old) and evidence of contact activities i.e. meetings and outcomes.
- Identifies opportunities and grow existing client base, inclusive of the public sector, to a minimum of 1200k per annum. This includes cross selling BDO's other departments’ services into our contacts & clients. 
- Compiles at least 12 technical proposals (min of 1 per month) proposals and/or tenders annually to meet current and/or prospective clients' expectations. 
- Identifies at least 2 opportunities, write-ups or presentations in a year for the development of new products or promotion of current services and procedures. 
- Understands and speaks knowledgeably about the Cyber Lab service line.
- Assists in the BEE activities/actions in both the BDO and Cyber arena (Staff, procurement & Clients)

Policies & Procedures: 

- Ensures personal and team adherence to BDO policies and procedures (leave, dress code, conduct etc.)

Staff:

- Manages team effectively on a day-to-day basis (staff, budgets, deadlines) ensuring that a plan is followed and objectives are met

Time sheets:

- Reviews timesheets/WIP reports and travel claims on Maconomy every Monday by 12H00 and on the same day carries out formal follow-ups on staff who have not submitted their timesheets. 

Productivity:

- Check productivity levels for self (60%), ensure they are meeting the set levels and communicate productivity levels to Managers weekly.

Audit:

- Gives feedback to senior managers at audit debriefs or when required to do so, escalates problems to senior managers promptly
- Ensures the engagement letter is prepared at least 1 week before starting date of the audit and/or the Audit Committee whichever is first.

Budget:

- Participates in the compilation of the Cyber department's annual budget.

Client:

'- Ensures all client background information is obtained and is filed on the server a week before the engagement commences.
- Obtain an understanding of the problem during the client meeting and ensure the problem is formally documented and filed electronically.
- Ensures that performance and documentation of work comply with the Cyber methodology through progressive/continuous review of work papers.
- IT reviews –Performance and documentation of work is per defined filing method.
- Ensures on-site presence at least 24hrs on an 80hrs assignment.

Staff:

- Communicates all appropriate deadlines to staff and monitor progress according to pre-established time lines through:
     The Debrief meeting
     Scope and Time Budgets
- Identifies engagement resource requirements and ensures that the most appropriate resources are assigned to specific assignment roles – update the planning board at least a month in advance for staff with upcoming assignments.
- Provide update as and when an assignment is confirmed however should be showing staff occupation every week

Reviews:

- Ensures an effective audit programme is prepared a day after Process documentation is reviewed.
- Performs review of work papers within two days of receipt from staff with final Manager’s review done within a week after fieldwork is complete.
- Reviews the work papers as the work progresses and final file before closeout meeting
- Ensures the draft report is produced for Director review within a week after fieldwork reviews are complete.
- Ensures the draft report is produced for Director’s review and discussed with client at the closeout for any changes

-Issues Final report, with client responses/comments addressed to the client, after Director’s approval within two weeks after the draft report issue date.

- Issue the final report within a month after the draft report depending on the nature of the investigations.

- Ensures the Audit File is up to the standard required for an external Quality Assurance Review according to the QAR Checklist.  
- Management of change control in respect off the quality procedures as set out in the Quality Manual.
- Ensures that the audit file is in the defined format.
- Should ensure the supporting documentation are filed.
- Judges the sensitivity of both client and management information and treats it appropriately

Relationship:

Develops team spirit/building in the Department involving the team members:
- Involvement through Leading meetings
- Building relationships through social events
- Building Trust through transformation
- Developing successful teams by working together

Staff Development:

- Leads by setting a personal example of excellence, acting as a role model, embodying behaviours consistent with the TEC vision and values that others respect and from which they learn. Feedback will be given through 360 evaluations done yearly.

Own Development:

Identify training needs/ gaps
- Arrange with Director for required training/ courses
- Remains technically up to date - maintenance of CPE/ CPD Hours and/or attending at least 4 relevant courses/ conferences/ seminars in a year.