Job Opportunity at Deloitte
About
“Deloitte” is the brand under which approximately 330,000 dedicated professionals in independent firms throughout the world collaborate to provide audit and assurance, consulting, financial advisory, risk advisory, tax and related services to select clients.
Background
Cyber Risk (CR) is one of the practice Risk Advisory (RA). CR is comprised of professionals with a broad range of information technology and cyber risk management consulting skills. CR professionals focus on information systems and technology that manage risk and/or drive operational, financial and regulatory compliance processes; as well as solutions that manage the risk associated with information technology itself. These professionals perform data protection, data governance and data privacy assessments, remediation, implementation and integration of end-to-end solutions in these areas. They also deliver advisory services focused on risk and compliance to IT management and senior executives.
Position Available
Risk Advisory | Cyber Risk
Level: Senior Consultant /Consultant
Focus Service: Penetration Testing and Vulnerability Assessment
Identity Access Management (IAM)
Cybersecurity Assessment/ISO Consulting/Cyber Simulation Exercises
Information Protection and Data Governance
At Deloitte, we offer a unique and exceptional career experience to inspire and empower talents like you to make an impact that matters for our clients, people and community. Whatever your aspirations, Deloitte offers you a highly inclusive, collaborative workplace and unrivalled opportunities to realize your full potential. We are always looking for people with the relentless energy to push themselves further, and to find new avenues and unique ways to reach our shared goals.
So what are you waiting for? Join the winning team now.
At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves everyday to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. In addition to living our purpose, Senior Associates / Senior Consultants / Assistant Manager across our Firm are expected to:
1.Understand objectives for stakeholders, clients and Deloitte whilst aligning own performance to
objectives and sets personal priorities.
2.Develop themselves by actively seeking opportunities for growth, shares knowledge and experiences
with others, and acts as a strong brand ambassador.
3.Seek opportunities to challenge themselves, collaborate with others to deliver and takes
accountability for results.
4.Build relationships and communicates effectively in order to positively influence peers and
stakeholders.
5.Work effectively in diverse teams within a highly inclusive team culture where everyone is supported,
respected and recognized for their contribution.
Focus Service: Penetration Testing and Vulnerability Assessment
Responsibilities:
• Perform vulnerability assessment, penetration test and security source code review
• Apply problem solving skills and deliver Deloitte methodology on engagements
• Develop excellent professional oral and written communication skills in order to establish working
relationships with client personnel
• Develop professional skills in various technology risk / security and privacy domains
• Build industry knowledge to understand risk management issues relevant to that particular business
• Exercise professional judgment on engagements by providing proactive solutions and recommendations
• Provide recommendations for improved and enhanced business efficiency to clients
Requirements:
• Bachelor degree or higher in Computer Engineering, Computer Science, Information Systems,
Accounting Information Systems or other related fields
• Hold professional certifications e.g. CISSP, CISM, CSSLP, OSCP, CEH, GPEN or other security
certifications is preferred
• More than 2 years experienced in IT Security, IT Security Assessment (Penetration Test) or system
administration or programming (JAVA, .NET) is preferred
• Familiar with ISO/IEC 27000, OWASP or leading security standards or frameworks
• Good analytical skill, communication and presentation skills with MS Office proficiency
• Ability to work on multiple assignments and manage ambiguity
• Ability to work both independently and as part of a team with professionals at all levels
Focus Service: Identity Access Management (IAM)
Responsibilities:
• Be part of the growing identity management services practice, delivering digital identity
consulting services and development of digital identity platforms
• Participates in the operating model conceptualization, system design of identity access management
solutions and system implementation and operationalization
• Engaged in different pillars of identity management services, ranging from digital access
management, privileged identity management, identity governance and compliance, user credentials
and security key management etc
• Opportunities to grow with the firm with evolving roles from technology centric to business
focused roles within Deloitte cybersecurity practice
• Ability to work in overseas
Requirements:
• Bachelor degree or higher in Computer Engineering, Computer Science, Information Systems or other
related fields.
• More than 2 years experienced in software development and/or programming language, Java is a must.
• Experienced in Unix/Linux platform.
• Experienced in design or implement IAM with any IAM/IDM product is a plus.
• Passion in working on technology platforms and possess good programming knowledge
• Demonstrated strong verbal and written communication skills in both Thai and English
• Keen to develop cybersecurity skillsets in Identity Access Management
• Ability to work on multiple assignments and manage ambiguity
• Ability to work both independently and as part of a team with professionals at all levels
Focus Service: Cybersecurity Assessment/ISO Consulting/Cyber Simulation Exercises
Responsibilities:
• Assist in planning, organizing and carrying out information security management, IT security
design & implementation, IT security assessment assignments and Cyber Simulation exercise as
assigned.
• Apply problem solving skills and deliver Deloitte methodology on engagements.
• Develop excellent professional oral and written communication skills in order to establish working
relationships with client personnel.
• Develop professional skills in various technology risk / security and privacy domains.
• Build industry knowledge to understand risk management issues relevant to that particular
business.
• Exercise professional judgment on engagements by providing proactive solutions and
recommendations.
• Provide recommendations for improved and enhanced business efficiency to clients.
Requirements:
• Bachelor degree or higher in Computer Engineering, Computer Science, Information Systems,
Accounting Information Systems or other related fields. Master degree is preferred
• Hold professional certifications e.g. CISM, ISO/IEC 27001, ISO/IEC 20000, ISO 22301, CISA or other
security certifications is preferred
• More than 2 years experienced in IT Implementation, IT Security, IT audit, IT Risk Management
preferably in a professional firm
• Familiar with ISO/IEC 27000, ISO/IEC 20000, ISO 22301 standards and frameworks such as NIST, COBIT
and ITIL
• Good analytical skill, decision-making, communication and presentation skills with MS Office
proficiency
• Well understanding in Cyber Security Market situation as well as good understanding in business in
various industries
• Demonstrated strong verbal and written communication skills in both Thai and English
• Ability to prioritize tasks, work on multiple assignments, and manage ambiguity
• Ability to work both independently and as part of a team with professionals at all levels
Focus Service: Information Protection and Data Governance
Responsibilities:
• Translate data protection and privacy requirements into business processes, scenarios and project
implementations for our clients towards elaborating risk-mitigating and remediation plans.
• Design legal and operational mechanisms to be adopted by clients on various aspects of personal
data and privacy (e.g. privacy notices, DPO assistance, international data transfers, etc.).
• Develop our data protection and privacy services in Thailand by helping our clients to define
strategies for risk-based data governance.
• Advise on legal, operational and technical risks and put in place mitigating controls while
leveraging our multidisciplinary capabilities and tools.
• Apply problem solving skills in line with our Deloitte methodology on engagements.
• Develop excellent oral and written communication skills in order to establish working
relationships with clients.
• Build industry knowledge to understand data protection, data governance and privacy issues
relevant to specific business activities and technologies.
Requirements:
• Bachelor or Master degree preferably in Computer Engineering, Computer Science, Information
Systems, Accounting Information Systems or other related fields
• Familiarity with standards, frameworks and privacy laws such as ISO/IEC 27701, ISO/IEC 27001,
COBIT, ITIL, GDPR, PDPA would be a plus
• Holding one or more professional certifications would be a plus e.g. CIPP/E, CIPP/A, CDMP, CIPM,
CIPT, CISSP, CISM, CISA, ISO/IEC 27001
• Experienced in Data Loss Protection, Data Classification, Data Governance and/or Privacy is
advantage
• Good analytical and decision-making skills supported by clear communication in Thai & English and
presentation skills
• Out-of-the-box thinking to help our clients address the data protection and privacy challenges in
Thailand and across Asia