Senior Consultant - Assistant Manager, Security and Risk Advisory
Job no: 492887
Work type: Full time
Categories: National IT
Successful candidates will be responsible for effectively delivering engagements and projects while managing client relationships and staff. Security & Privacy (S&P) Assistant Managers are expected to have responsibility for extensive client contact, staff training, management & development; and liaising with third parties. You will be skilled and experienced at managing the whole project lifecycle for IT general controls audit, cyber security and information security services. As Assistant Manager you will also aspire to develop strategic, business development and leadership skills.
The RSM Security & Privacy Services provide specialist skills in the disciplines of IT governance, IT risk consulting, Cyber, information security and IT audit. We service organisations in the government and private sectors and operate across all technology platforms and software environments.
- Provide client management with guidance on IT / Cyber security risk management, particularly on application, database, operating system and network infrastructure security. Help identify improvement opportunities for clients and write/QA reports for clients with recommendations for identified findings.
- Perform IT / Cyber / technology risk assessments, manage technical security related reviews, assess the effectiveness of processes/controls and risks related to third party organisations.
- Assisting in the management of various audit teams simultaneously with numerous engagement team members per audit, including assisting with planning, execution, scheduling staff, training and mentoring.
- Undertaking or arranging to undertake special consulting or other reviews as required. These may include system software reviews, new system development technical evaluations, post implementation reviews, contingency planning reviews, logical / physical access reviews and installation reviews.
- Manage completion of each assignment, being accountable for high-quality standards, delivery within budget and on or before deadlines, while managing the progress of other assignments.
- Management of various engagements and co-ordination of the S&P team including training, mentoring and relevant methodology compliance.
- Writes high-quality client deliverables in conjunction with the partner, including reports, management letters and other correspondence, that provide practical and commercial business advice.
- Performs Quality Assurance and technical reviews of S&P work.
- Assist in identifying potential technical issues and documenting issues.
- Keep on top of key industry factors.
- Assist in planning strong and realistic budgets and maintain strong budgetary discipline.
- Monitors their team's staffing requirements and future resource planning issues.
- Work with and influence clients at senior levels in different business environments.
- Identifies client business needs and assists partner in developing a tailored solution.
- Assists partners and senior managers in business development and marketing activities, including the drafting of proposal and quote documentation and identification of opportunities.
- Contributes to internal management of division, including consideration and involvement in strategic, leadership and staffing matters.
- Can confidently contribute to internal and external meetings and is able to present effectively.
- Relevant tertiary degree and/or qualification is essential.
- Relevant professional certification/qualification is essential, e.g., Certified Information Systems Security Professional® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®); Certified in Risk and Information Systems Control® (CRISC®); etc.
Demonstrated Experience & Attributes
- Minimum 5-9 years’ Professional Services experience in Cyber / IT technical delivery, IT audit, internal controls, or risk management.
- Experience performing and managing security risk assessments, testing or auditing of cybersecurity or information security standards or governance frameworks (e.g. one or more of COBIT, NIST Cyber Security Framework, ASD Top 35 and Essential Eight, PCI DSS, CIS Critical Security Controls Top 20, PSPF, Australian Government Information Security Manual, VPDSS, ISO/IEC 27001, Cloud Security Alliance Guidance, Australian Privacy Principles, GDPR).
- Experience overseeing engagements where teams are completing various technical testing assessments, and the ability to translate technical findings and articulate recommendations for non-technical client staff.
- Knowledge of IT processes, project management, applications, databases, operating systems and network infrastructure to apply better practice guidance and identify opportunities for improvement.
- Outstanding interpersonal and communications skills, able to communicate effectively in verbal and written format with technical and non-technical audiences.
- Strong analytical and written communication skills.
- Ability to develop effective solutions and enhancements in an innovative manner.
- Experience managing a client portfolio, able to provide first class service in response to client demands.
- Strong attention to detail and prioritising skills, able to produce high quality work autonomously and as part of a team.
- Experience managing a team effectively, including performance management.
- Demonstrated knowledge in data analytics audit techniques using relevant data analytical tools.
- Business Development exposure
Advertised: AUS Eastern Standard Time