Manager - Security And Privacy

RSM offers the combined benefits of a big firm including extensive networks, training and career opportunities – within a highly supportive, people-oriented workplace. This combination provides the ideal environment to build skills and confidence. At RSM, one of our core values is to help our people achieve their best. Successful candidates will be responsible for effectively delivering engagements and projects while managing client relationships and staff. Security & Privacy (S&P) managers are expected to have responsibility for extensive client contact, staff training, management & development; and liaising with third parties You will be skilled and experienced at managing the whole project lifecycle for IT general controls audit, cyber Security and information security services. As manager you will also aspire to developing strategic, business development and leadership skills. The RSM Security & Privacy Services provide specialist skills in the disciplines of IT governance, IT risk consulting, Cyber, information Security and IT audit. We service organisations in the government and private sectors and operate across all technology platforms and software environments. Key Responsibilities Provide client management with guidance on IT / Cyber security risk management, particularly on application, database, operating system and network infrastructure security. Help identify improvement opportunities for clients and write/QA reports for clients with recommendations for identified findings. Perform IT / Cyber / technology risk assessments, manage technical security related reviews, assess the effectiveness of processes/controls and risks related to third party organisations. Manage completion of each assignment, being accountable for high-quality standards, delivery within budget and on or before deadlines, while managing the progress of other assignments. Management of various engagements and co-ordination of the S&P team including training, mentoring and relevant methodology compliance. Writes high quality client deliverables in conjunction with the partner; including reports; management letters and other correspondence; that provide practical and commercial business advice. Performs Quality Assurance and technical reviews of S&P work. Identifies potential technical issues and documenting issue and proposed solution for partner attention Coordination and relationship management with other divisions. Understands all relevant independence rules and their applicability to the S&P team and the Firm. Maintain strong budgetary discipline ensuring there are no major over runs. Ability to plan effective and realistic budgets. Together with partner negotiates fees and demonstrates commercial responsibility for profitability of each client. Monitors the teams staffing requirements and future resource planning issues. Work with and influence clients at senior levels in different business environments. Identifies client business needs and assists partner in developing a tailored solution. Assists partners and senior managers in business development and marketing activities, including the drafting of proposal and quote documentation and identification of opportunities. Contributes to internal management of division, including consideration and involvement in strategic, leadership and staffing matters. Can confidently contribute to internal and external meetings and is able to present effectively. Education and other Requirements: Essential Successful Criminal Record Screening Clearance Relevant tertiary degree and/or qualification is essential. Relevant professional certification/qualification is essential, e.g., Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®); Certified in Risk and Information Systems Controls® (CRISC®); etc. Minimum 5-9 years’ Professional Services experience in Cyber / IT technical delivery, IT audit, internal controls, or risk management. Experience performing and managing security risk assessments, testing or auditing of cybersecurity or information security standards or governance frameworks (e.g. one or more of COBIT, NIST Cyber Security Framework, ASD Top 35 and Essential Eight, PCI DSS, CIS Critical Security Controls Top 20, PSPF, Australian Government Information Security Manual, VPDSS, ISO/IEC 27001, Cloud Security Alliance Guidance, Australian Privacy Principles, GDPR). Experience overseeing engagements where teams are completing various technical testing assessments and be able to translate technical findings and articulate recommendations for non-technical client staff. Knowledge of IT processes, project management, applications, databases, operating systems and network infrastructure to apply better practice guidance and identify opportunities for improvement. Outstanding interpersonal and communications skills, able to communicate effectively in verbal and written format with technical and non-technical audiences. Strong analytical and written communication skills. Ability to develop effective solutions and enhancements in an innovative manner. Experience managing a client portfolio, able to provide first class service in response to client demands. Strong attention to detail and prioritising skills, able to produce high quality work autonomously and as part of a team. Experience managing a team effectively; including performance management. Desirable Demonstrated knowledge in data analytics audit techniques using relevant data analytical tools. Business Development exposure.