Cyber Risk Manager


Sydney, NSW, AU


•    Mentoring programs – receive support and coaching to progress your career
•    Flexible work arrangements – work in a way that suits you best
•    World-class learning and leadership programs


This is an exciting opportunity to continue growing a career in cyber security and risk management as part of the Confidentiality & Information Security Office (CISO) function within Deloitte Australia.


What will your typical day look like?

Reporting to Deloitte’s Cyber Risk Director, your primary role will be to provide balanced, risk-based security advice to the various Deloitte business teams. You will assist your Director in building new GRC capabilities, consulting across the business to manage technology risk, and documenting appropriate controls for new and emerging technologies. You will prepare and deliver cyber risk assessments for all of our new initiatives – products, services and acquisitions.


As part of the role, you will educate and advise our various business teams about identified risks and how best to mitigate them. You will also:

  • Work with our vendors and project teams to conduct security risk and controls assessments
  • Stay knowledgeable about current trends in all areas of information technology concerning vulnerabilities, security breaches or malicious attacks
  • Identify defensive steps to take, including required firewalls, security software and data encryption for new products or services
  • Identify risks and assess applicability of security controls to minimise cyber risk in applications and systems
  • Work collaboratively with IT and the Business to ensure implementation of recommended security controls and ensure compliance
  • Support the Director with the execution of strategy to elevate security and provide deep value to client-facing teams
  • Document and communicate recommended security controls and deficiencies

About the team
Our Confidentiality & Information Security Office (CISO) is Deloitte’s internal security function. It sits within the national risk team and is a key enabler in protecting Deloitte. Our goal is to embed a security risk-intelligent culture across Deloitte through a world-class security program. Such a culture empowers our people, giving them the capacity to act. It also reduces adverse outcomes and helps to cement our reputation for first-class service delivery.

We are a highly visible internal security team that balances agility and innovation against client security requirements on a daily basis. Joining our team presents an excellent opportunity for you to develop your resilience expertise and to gain exposure to the entire firm, including our most senior Partners.


Enough about us, let’s talk about you.
You will have:

  • 3-5 years of experience in applied cyber security (experience in risk management and consultancy is ideal), with sound business and technical acumen
  • Experience undertaking risk assessments, controls improvement and compliance assurance
  • Knowledge of many aspects of information security with in-depth understanding and experience of many of the following areas: Firewalls, IDS/IPS, VPN, Identity and Access Management, Web Filtering, Data Encryption, Vulnerability Management, Active Directory, SIEM, Cloud security, etc.
  • Strong written and oral communication skills to communicate ideas to technical and non-technical audiences; ideally with a proactive approach to problem solving, and highly self-motivated and directed
  • Experience with GRC tools to understand, evaluate and quantify risk
  • Familiarity with Risk Assessment methodologies; certifications such as CISSP, CRISC or CISA are ideal


Why Deloitte?
At Deloitte, we create positively differentiated work experiences that enable our people to feel valued and achieve their full potential. We value difference and embrace people with diverse backgrounds and thinking styles. Knowing that people work best in a variety of ways, we are happy to discuss alternative arrangements if the working pattern you are looking for is not specifically indicated.


Next Steps
This is an exciting opportunity to develop a career in business resilience at Deloitte Australia. Sound like the sort of role for you? Apply now! We’d love to hear from you.



By applying to this job, you will be assessed against the Deloitte Global Talent Standards. We’ve designed these standards to provide our clients with a consistent and exceptional Deloitte employee experience globally.

Deloitte is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, or any other characteristic protected by law. If you need assistance or an accommodation during the application process because of a disability, it is available upon request. 

The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.