Manager, Technology & Cyber Assurance, Internal Audit & Controls, Technology and Transformation

Job description

Connect to your Industry

Deloitte's dynamic and innovative internal audit team provides clients with expert advice on some of the most challenging and complex engagements in the financial services industry. Due to recent marketplace successes, we are looking to recruit experienced candidates with a proven track record in the global financial services industry to support the delivery of internal audit services across the UK. Our clients include, but are not limited to, Banks, Building Societies, Insurers, Investment and Wealth Managers, Investment and Pension Funds and Private Equity businesses. As part of our successful team, you will play an important role in maintaining and growing the practice and developing our people.

Connect to your career at Deloitte

Deloitte drives progress. Using our vast range of expertise, we help our clients' become leaders wherever they choose to compete. To do this, we invest in outstanding people. We build teams of future thinkers, with diverse talents and backgrounds, and empower them all to reach for and achieve more.

What brings us all together at Deloitte? It's how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other , foster inclusion, and collaborate for measurable impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most .

Connect to your opportunity

As society's reliance on digital infrastructure deepens, protecting our essential services from cyber threats has become a national priority, placing the assurance work we do under greater levels of interest and scrutiny. You will be given the opportunity to engage with a broad set of individuals continually adapting, learning and developing as you work with various teams to understand and provide assurance over complex cyber security environment, particularly within organisations designated as Operators of Essential Services (OES) under the NIS Regulations. Your work will directly contribute to the security and resilience of the UK's most essential services, placing you at the forefront of national cyber security efforts.

Our Technology & Cyber Assurance team helps clients navigate complex regulatory landscapes and manage their cyber risk exposure. As a NCSC Cyber Resilience and Assurance (CRA) Assured Service Provider, we are a recognised leader in delivering high-quality assurance over cyber risk. Our principle areas of work include:

• Cyber internal audit
• Assurance
• Cyber maturity
• Compliance assurance
• Cyber risk management
• Operational resilience
• Cyber controls advisory
• Cyber third-party risk management and assurance

To meet the growing demand for these critical assessments and to bolster our specialist practice, we are looking for talented and motivated Managers to join this dynamic, fast-growing team. You will work with our high-profile clients to strengthen their cyber resilience in line with national standards. We encourage consideration of flexible ways of working, both formal and informal arrangements that allow for the best outcomes for our people and our clients. If this opportunity is of interest to you, please do discuss with us.

In your role, you will have responsibility for delivering engagements for a portfolio of clients, across various sectors and geographies. You will work with others in a team to deliver engagements in a flexible manner, accommodating for specific client needs as needed. This will allow the development of your management skills, providing you with a real opportunity to progress and drive your career through the firm.

You will have responsibility for:

• Delivering Cyber Assurance client engagements, working seamlessly and collaboratively with other colleagues and clients.
• Supporting aspects of the engagement lifecycle, from engagement take-on through to conclusion.
• Supporting junior members of the team (for example new graduates) and their development through training and coaching.
• Developing strong relationships with clients, acting as the day-to-day contact on many engagements.
• Engaging with client stakeholders and, where appropriate, supporting interactions with relevant Competent Authorities.
• Building your expertise across all sectors to develop genuine insight for our clients and sharing this knowledge with the wider team.
• Working seamlessly and collaboratively with colleagues and clients from other service lines.
• Supporting senior members of the team in developing our Cyber Assurance practice in business development, practice management and thought leadership activity.
• Working within a diverse and inclusive team, promoting a culture where people are recognised for their contribution.
• Having a clear understanding of the firm's commitment to nurturing an inclusive culture and supporting this through your actions
• Willingness to learn and develop through training, mentoring and coaching options.

Connect to your skills and professional experience

We are looking for a Cyber risk and assurance professional whose background includes conducting a wide range of audit and assurance engagements across a variety of cyber domains, with a particular focus on regulatory compliance frameworks such as the NIS Regulation and NCSC CAF.

The candidate must have:

• UK Cyber Security Council registration as Chartered, Principle or Associate;
• Demonstrable experience and a strong understanding of the UK NIS Regulations and the CAF;
• Working experience and knowledge of a broad range of cyber internal audit and assurance, assessing and reviewing cyber risks and controls; and
• Experience of working with the public sector (such as Energy, Transport, Health, Defence).
• Cyber qualifications such as CRISC, CISM, or CISSP.

The candidate should also have:

• Experience of interacting with senior client stakeholders;
• Involvement in client engagements for example leading the fieldwork, scoping, and reporting;
• Demonstratable experience in the ability to build effective relationships with multiple stakeholders both internally and externally with clients;
• Experience of working effectively in diverse team environment;
• A proactive mind-set, with the ability to take responsibility and drive key actions forward coupled with excellent oral and written communication skills to aid effective interaction with senior clients and stakeholders;
• A passion for self-improvement and the motivation to help contribute to the wider team and firm;
• Strong academics, including a minimum of 2.1 degree or equivalent experience; and
• Demonstratable experience in a broad range of cyber areas including one or several of the following areas:
  • cyber strategy and transformation programmes/change initiatives;
  • cyber target operating models;
  • cyber governance, risk management/assessment and compliance;
  • third party cyber risk management and assessment;
  • operational technology (OT) security concepts and controls;
  • security testing process and control (e.g. penetration testing, vulnerability management and red teaming etc.); and
  • security standards/frameworks (e.g. NCSC CAF, ISO 270001, IEC 62443, NIST 800-82, NCSC Guidance (including NCSC/CPNI SICS Framework) etc.)
• Information Security audit & assurance qualifications such as ISO27001 Lead Auditor or CISA;
• Specialist qualifications in Operational Technology (e.g., GICSP, ISA/IEC 62443 certificates) or Cloud Security (e.g., CCSP) would be a plus.

Connect to your business - Technology and Transformation

Distinctive thinking, deep expertise, innovation and collaborative working. That's what connects us. That's what makes us Deloitte. If you want to help solve some of the biggest tech and transformational challenges around, join us. Together, we'll make an impact that matters.

Finance Transformation

Our clients want to achieve maximum value from digital transformation investments in Finance. That's where we come in. By taking a holistic view of performance improvement, including strategy, process design and technology enablement, we support the smooth operation of transformations.

Personal independence

Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints (e.g., in relation to any financial interests and employment relationships). This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm, and also prohibitions on certain employment relationships (e.g., you are not permitted to hold a secondary employment role with SEC audit clients of the firm whilst being employed by the firm). The recruitment team will provide further details as you progress through the recruitment process, or you can contact the Independence team upon request.

Connect with your colleagues

"I thoroughly enjoy the opportunities and the people I engage with: they enrich my day immensely. Every week throws up new challenges, new risks to assess, new plans to develop."

-Montine, Technology & Transformation

"The great culture, flexibility, and range of experiences that Deloitte offers are what sets this firm apart. In Human Capital, Deloitte is far ahead of any of our immediate competitors."

-Sophia, Technology & Transformation

Our hybrid working policy

You'll be based in London with hybrid working.

At Deloitte we understand the importance of balancing your career alongside your home life. That's why we'll support you to work flexibly through our hybrid working policy. Depending on the requirements of your role, you'll have the opportunity to work in your local office, virtual collaboration spaces, client sites and remotely. You'll get the chance to meet face to face when needed, while you collaborate and learn from colleagues, share your experiences, and build the relationships that will fuel your career and prioritise your wellbeing. Please check with your recruiter about the specific working requirements that may apply for your role.

Connect to your return to work opportunity

Are you looking to return to the workplace after an extended career break?

For this role we can offer coaching and support designed for returners to refresh your knowledge and skills and help your transition back into the workplace after a career break of two years or more. If this is relevant for you, just let your recruiter know when you make your application.

Our commitment to you

Making an impact is more than just what we do: it's why we're here. So, we work hard to create an environment where you can experience a purpose you believe in, the freedom to be you, and the capacity to go further than ever before.

We want you. The true you. Your own strengths, perspective and personality. So, we're nurturing a culture where everyone belongs, feels supported and heard, and is empowered to make a valuable, personal contribution. You can be sure we'll take your wellbeing seriously, too. Because it's only when you're comfortable and at your best that you can make the kind of impact you, and we, live for.

Your expertise is our capability, so we'll make sure it never stops growing. Whether it's from the complex work you do, or the people you collaborate with, you'll learn every day. Through world-class development, you'll gain invaluable technical and personal skills. Whatever your level, you'll learn how to lead.

Connect to your next step

A career at Deloitte is an opportunity to develop in any direction you choose. Join us and you'll experience a purpose you can believe in and an impact you can see. You'll be free to bring your true self to work every day. And you'll never stop growing, whatever your level.

Discover more reasons to connect with us, our people and purpose-driven culture at deloitte.co.uk/careers

RTWPROG WPFULL SLTTECH