T&T Consultant - Cyber Strategy & Transformation - TH

Are you ready to unleash your potential?

At Deloitte, our purpose is to make an impact that matters for our clients, our people, and the communities we serve. 

We believe we have a responsibility to be a force for good, and WorldImpact is our portfolio of initiatives focused on making a tangible impact on society’s biggest challenges and creating a better future. We strive to advise clients on how to deliver purpose-led growth and embed more equitable, inclusive as well as sustainable business practices. 

Hence, we seek talented individuals driven to excel and innovate, working together to achieve our shared goals. 

We are committed to creating positive work experiences that foster a culture of respect and inclusion, where diverse perspectives are celebrated, and everyone is recognised for their contributions.

Ready to unleash your potential with us? Join the winning team now!

Work you'll do:

• Client Engagements: Delivering engagements and working with clients' stakeholders to understand their business objectives and cybersecurity needs. Assist in planning, organizing, and delivering cyber security projects as assigned, including leading the project team and supporting the project management activities.
• Team Leadership: Lead and mentor a team of cybersecurity consultants/ analysts, fostering a culture of collaboration and continuous improvement.
• Professional Development: Provide guidance and support to junior team members in their professional development.
• Client Relationships: Build and maintain strong relationships with clients, serving as a trusted advisor on cybersecurity matters.
• Cybersecurity Assessment: Assess the existing client’s cybersecurity capabilities against standards/frameworks (people, process, technology), identify gaps, and provide actionable recommendations for improvement.
• Regulatory/ Standard Compliance: Ensure client strategies comply with relevant cybersecurity regulations, standards (e.g., NIST, ISO), and industry best practices.
• Cyber Strategy Development: Develop tailored cybersecurity strategies that align with the client’s business goals, regulatory requirements, and risk profile. Working with SMEs to develop a strategic cyber security plan and roadmap to improve the client's cyber security posture over 3-5 years.
• Cyber Architecture Review: Assess the client’s network, enterprise, and security architecture, propose a target state model, identify gaps, and provide recommendations for improvement.
• Cyber Risk Management: Design and develop a cybersecurity risk management framework, policy, and procedures, including the roles, responsibilities, operation model, risk register, cyber risk formula, and risk evaluation criteria.
• Cyber Risk Assessments: Conduct cybersecurity risk assessments and develop mitigation plans to address potential security threats, including developing a cyber security KPI/ KRI, cyber risk threshold, and cyber risk report for the management.
• Cyber Operating Model: Advise clients about transforming cybersecurity organizations, including improving cybersecurity organizations, roles, responsibilities, competencies, and performance evaluation of cybersecurity personnel.
• Cyber Training Awareness: Delivering security training and awareness for the client’s various stakeholders.
• Cyber Maturity Improvement/ Remediation: Assist clients with implementing cyber security recommendations, programs, and initiatives. This includes assisting the implementation of cyber security technologies/ solutions, designing and developing control designs, frameworks, policies, procedures, and guidelines, and supporting the implementation of cyber security controls.

Your role as a leader

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Consultants across our Firm are expected to:

• Demonstrate a strong commitment to personal learning and development.
• Understand how our daily work contributes to the priorities of the team and business.
• Understand the set expectations and demonstrate accountability in keeping personal performance on track.
• Actively focus on developing effective communications and relationship-building skills with stakeholders, clients and team.
• Demonstrate an appreciation for working with others.
• Understand what is fundamental to Deloitte’s success as a business.
• Demonstrate integrity and an awareness of strengths, differences, and personal impact.
• Develop their understanding of Deloitte and offer a fresh perspective.

Requirements

• Bachelor's degree in information security, information systems management, computer science, engineering, or other related discipline.
• More than 2 years of experience in information technology, IT audits, or cybersecurity.
• Strong leadership and team management capabilities, with experience mentoring and developing consultants.
• Ability to work independently and as part of a team with professionals at all levels.
• Outstanding problem-solving skills, including the ability to analyze complex issues, develop hypotheses, and recommend solutions.
• Demonstrate clear, articulate, and confident written and verbal communication in English.
• Team player with excellent interpersonal and communication skills 
• Exposure to international standards (e.g., NIST, CIS 20, ISO27001, PCI - DSS, and data privacy) and strong knowledge of cybersecurity concepts (e.g., Identity and Access Management, Asset Security, Network Security, Security Operations, Cloud Security, and Software Development Security).
• Experience in the following areas will be an advantage: cybersecurity assessments, cloud security, security architecture review, cyber risk assessments, DevSecOps, cybersecurity governance, cybersecurity/ IT audit.
• Certification in CISSP, CISM, CISA, CRISC, CEH, ECIH, CHFI, CTIA, Security+, Network+, CySA+, CCSK, OSCP, CRTP, ISO 27001 lead auditor or implementor is highly advantageous.

Due to volume of applications, we regret only shortlisted candidates will be notified.

Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request money or your personal information. Kindly apply for roles that you are interested via this official Deloitte website. 

#LI-CP