T&T Consultant - Cyber Strategy and Transformation - ID

Location: Jakarta, ID

Are you ready to unleash your potential?

At Deloitte, our purpose is to make an impact that matters for our clients, our people, and the communities we serve.

We believe we have a responsibility to be a force for good, andWorldImpact is our portfolio of initiatives focused on making a tangible impact on society’s biggest challenges and creating a better future. We strive to advise clients on how to deliver purpose‑led growth and embed more equitable, inclusive as well as sustainable business practices.

Hence, we seek talented individuals driven to excel and innovate, working together to achieve our shared goals.

We are committed to creating positive work experiences that foster a culture of respect and inclusion, where diverse perspectives are celebrated, and everyone is recognised for their contributions.

Ready to unleash your potential with us? Join the winning team now!

• Client Engagements: Delivering engagements and working with clients' stakeholders to understand their business objectives and cybersecurity needs. Assist in planning, organizing, and delivering cyber security projects as assigned, including leading the project team and supporting the project management activities.
• Team Leadership: Lead and mentor a team of cybersecurity consultants/ analysts, fostering a culture of collaboration and continuous improvement.
• Professional Development: Provide guidance and support to junior team members in their professional development.
• Client Relationships: Build and maintain strong relationships with clients, serving as a trusted advisor on cybersecurity matters.
• Cybersecurity Assessment: Assess the existing client’s cybersecurity capabilities against standards/frameworks (people, process, technology), identify gaps, and provide actionable recommendations for improvement.
• Regulatory/ Standard Compliance: Ensure client strategies comply with relevant cybersecurity regulations, standards (e.g., NIST, ISO), and industry best practices.
• Cyber Strategy Development: Develop tailored cybersecurity strategies that align with the client’s business goals, regulatory requirements, and risk profile. Working with SMEs to develop a strategic cyber security plan and roadmap to improve the client's cyber security posture over 3-5 years.
• Cyber Architecture Review: Assess the client’s network, enterprise, and security architecture, propose a target state model, identify gaps, and provide recommendations for improvement.
• Cyber Risk Management: Design and develop a cybersecurity risk management framework, policy, and procedures, including the roles, responsibilities, operation model, risk register, cyber risk formula, and risk evaluation criteria.
• Cyber Risk Assessments: Conduct cybersecurity risk assessments and develop mitigation plans to address potential security threats, including developing a cyber security KPI/ KRI, cyber risk threshold, and cyber risk report for the management.
• Cyber Operating Model: Advise clients about transforming cybersecurity organizations, including improving cybersecurity organizations, roles, responsibilities, competencies, and performance evaluation of cybersecurity personnel.
• Cyber Training Awareness: Delivering security training and awareness for the client’s various stakeholders.
• Cyber Maturity Improvement/ Remediation: Assist clients with implementing cyber security recommendations, programs, and initiatives. This includes assisting the implementation of cyber security technologies/ solutions, designing and developing control designs, frameworks, policies, procedures, and guidelines, and supporting the implementation of cyber security controls.

• Bachelor's degree in information security, information systems management, computer science, engineering, or other related discipline.
• More than 2 years of experience in information technology, IT audits, or cybersecurity.
• Strong leadership and team management capabilities, with experience mentoring and developing consultants.
• Ability to work independently and as part of a team with professionals at all levels.
• Outstanding problem-solving skills, including the ability to analyze complex issues, develop hypotheses, and recommend solutions.
• Demonstrate clear, articulate, and confident written and verbal communication in English.
• Team player with excellent interpersonal and communication skills
• Exposure to international standards (e.g., NIST, CIS 20, ISO27001, PCI - DSS, and data privacy) and strong knowledge of cybersecurity concepts (e.g., Identity and Access Management, Asset Security, Network Security, Security Operations, Cloud Security, and Software Development Security).
• Experience in the following areas will be an advantage: cybersecurity assessments, cloud security, security architecture review, cyber risk assessments, DevSecOps, cybersecurity governance, cybersecurity/ IT audit.
• Certification in CISSP, CISM, CISA, CRISC, CEH, ECIH, CHFI, CTIA, Security+, Network+, CySA+, CCSK, OSCP, CRTP, ISO 27001 lead auditor or implementor is highly advantageous.

Due to volume of applications, we regret only shortlisted candidates will be notified.

Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request money or your personal information. Kindly apply for roles that you are interested via this official Deloitte website.

#LI-AN

Requisition ID: 109582

In Indonesia, the services are provided by Imelda & Rekan and other related entities in Indonesia ("Deloitte in Indonesia"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Indonesia, which is within the Deloitte Network, is the entity that is providing this Website.