Risk Management - Strategy, Governance and Programs Manager

Deloitte Technology Risk Management Posted: 30-Nov-2022

Same job available in 12 locations

Atlanta, Georgia, United States

Austin, Texas, United States

Charlotte, North Carolina, United States

Cincinnati, Ohio, United States

Dallas, Texas, United States

Hermitage, Tennessee, United States

Houston, Texas, United States

Miami, Florida, United States

Orlando, Florida, United States

San Antonio, Texas, United States

Tampa, Florida, United States

Toronto, Ontario, Canada

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

Work you'll do

As the Risk Management - Strategy, Governance & Programs Manager within the Deloitte Technology (DT) Cybersecurity organization you will be accountable for the development of key components of Deloitte Technology’s risk management strategy. The role will also entail operational responsibility for managing elements of the risk governance program within DT, and the leadership of select critical risk programs and initiatives that implement and further the DT risk strategy and support the first line of defense (1LOD) against technology risks and threats.

This role requires the ability to work cross-functionally within a complex and highly matrixed organization as well as the ability to clearly communicate to, influence and persuade stakeholders at the senior leadership level.

Some specific responsibilities of the role will include:

  • Working proactively with leadership to drive the development, evolution and refinement of Deloitte Technology’s risk management strategy – including definition of key priorities, objectives, capabilities, initiatives, operating model, and interaction models with member firms and operational DT service areas.
  • Developing a network of risk management champions (across DT service areas and Deloitte member firms) to shape & embed the DT risk management program within and across our operational service lines.
  • Leading the operations of Deloitte Technology’s risk governance, including communications with key stakeholders and maintenance of the committee roster, calendar, agendas and decisions/key actions, and maintaining interactions with governance teams supporting other key related committees.
  • Contributing to the management and planning of the DevHub program for certification of solution development organizations. This includes managing updates to the technical validation elements of the Technical Certification Framework (TCF), and management of interactions with DT PMO, DTTL Strategy & Innovation, Global Risk and other key stakeholders.
  • Contributing to the development and maintenance of a consolidated IT Risk reporting capability to provide consistent and regular visibility to senior leadership regarding critical IT risks across Deloitte Technology.
  • Definition and refinement of program metrics (KPIs/KRIs) to measure and demonstrate program effectiveness and for providing visibility into risks to senior leadership.
  • Development of additional detailed reporting, dashboards and analysis on program status, effectiveness and progress as needed.
  • Driving risk management best practices and developing easy-to-use tools, products and templates for use across Deloitte Technology service areas.
  • Contributing to the development / configuration of enabling tools to support IT risk management functions across Deloitte Technology service areas (e.g. GRC).
  • Leading (and/or contributing to) special or ad-hoc projects and initiatives within DT Risk Management as needed to support the implementation of the DT risk strategy and to achieve key objectives.
  • Contributing to an environment that fosters innovation and enables continuous improvement of the risk and compliance mindset across Deloitte Technology, potentially including developing content for a training and awareness program.
  • Interacting, in both oral and written communications, on matters related to information technology risk with all levels of Deloitte Technology including senior leadership, global risk, office of general counsel (OGC), auditors, customers, engineering / solution development teams, and technology vendors and contractors.

The team

Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.


  • Bachelor’s degree in business, management, accounting, information systems, computer science, engineering or related field; or equivalent practical experience or applicable certification (CRISC, CISA, CISSP).
  • At least 3 years of industry experience in risk management and compliance.
  • Experience with risk management frameworks, cloud, infrastructure and cybersecurity controls, and translating regulatory risks to standards and technical requirements.
  • Working knowledge of various control frameworks (NIST 800 series, ISO27001, SOX, SOC, GDPR, HIPAA, PCI).
  • Ability to distill pertinent information from disparate information sources and recommend/deliver effective, balanced recommendations and outcomes.
  • Ability to quickly adapt to shifting priorities, demands and timelines through both analytical and problem-solving capabilities.
  • Proven people, program and project management skills leading to successful execution of established goals and objectives.
  • Demonstrated experience as a strong cross-group collaborator and team player, dealing with complexity, conflict resolution, and influencing cross-functionally.
  • Familiarity with governance, risk and compliance (GRC) tools/platforms.

Our culture

At Deloitte Global people are valued and respected for who they are – with opportunities to bring their unique perspectives, talents and passions to business challenges. Our global workspace creates room for individuality and collaboration. Ours is an inclusive, supportive, connected culture with a focus on development, flexibility, and well-being. This culture makes Deloitte Global one of the most rewarding places to work, and to transform your career.

Professional development

From entry-level employees to senior leaders, we believe in investing in you, helping you identify and hone your unique strengths at every step of your career. We offer opportunities to build new skills, take on leadership opportunities, and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.


At Deloitte, we value our people and offer employees a broad range of benefits. Our Total Rewards program reflects our continued commitment to lead from the front in everything we do—that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being.

At Deloitte Global, we know we’re at our best when we look out for one another; prioritize respect, fairness, development and wellbeing; foster an inclusive culture and embrace diversity in all forms. All qualified applicants will receive consideration for employment regardless of their background, experience, identity, ability or thinking style, and if you need assistance or an accommodation during the application process for accessibility reasons this is available upon request. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.