Technology Risk Management Senior Analyst- Security Inquiry Response Center

Risk Risk Management Posted: 14-Nov-2022

Same job available in 24 locations

Ann Arbor, Michigan, United States

Atlanta, Georgia, United States

Austin, Texas, United States

Baltimore, Maryland, United States

Charlotte, North Carolina, United States

Chicago, Illinois, United States

Cincinnati, Ohio, United States

Cleveland, Ohio, United States

Columbus, Ohio, United States

Dallas, Texas, United States

Detroit, Michigan, United States

Hermitage, Tennessee, United States

Houston, Texas, United States

Indianapolis, Indiana, United States

Jacksonville, Florida, United States

Louisville, Kentucky, United States

Memphis, Tennessee, United States

Miami, Florida, United States

Milwaukee, Wisconsin, United States

Nashville, Tennessee, United States

O'fallon, Illinois, United States

Phoenix, Arizona, United States

St. Louis, Missouri, United States

Toronto, Ontario, Canada

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

Work you'll do


  • Contribute to the development of best practices and stay up to date on global security policies, standards and technology
  • Support the Technology Risk Manager in activities related to information security inquiries, including: 
  • Analyzing and evaluating client, regulator and member firm information security requests, assessments, and audits; and 
  • Gathering/pre-populate responses and refinement activities using the global delivery team.
  • Connect with the Client Security Leads/Subject Matter Experts to improve delivery quality.
  • Responsible for highlighting issues found in the Standard Answer Banks (SABs) and illustrating where changes are necessary.
  • SAB maintenance (e.g., following up with owners on expired answers and if they need updating)    
  • As part of cross-training, assist with deep-dive controls testing for high-risk areas for independent validation of issues and remediation efforts, and assist with client, regulatory 

The team

Global Risk develops programs, processes, and resources to preserve, protect, and enhance the Deloitte brand around the world. We identify new and emerging risks that might impact the network, mitigate threats as they are identified and proactively engage key stakeholders to develop identification and mitigation procedures.

Qualifications

  • Bachelor’s Degree or higher in business administration, a technology-related field, or equivalent experience.
  • Minimum of three (3) years demonstrated experience in applying leading practices in a large-scale Information Security, Technology Risk or Operational Risk environments, including strategy development and execution, risk and governance experience.
  • Basic knowledge of Information Systems Security, cyber security, IT auditing, IT risk management and compliance and/or vendor security risk management
  • Working knowledge of GRC tools (e.g., Archer, ServiceNow, etc.) and Unified Compliance Framework (UCF).
  • Working knowledge of various IT risk frameworks, methodologies, leading industry/assurance standards and regulations, as well as attestation reporting frameworks, such as the ISO family of standards (27001/2, ISO 22301, ISO 27017, etc.), NIST, COBIT, SOC2 reporting framework.
  • Basic knowledge of significant security and privacy laws and regulations in the Americas, Europe, Middle East, Asia, Africa, and Oceania is preferable (e.g., GDPR).
  • Experience in developing and applying standards, principles, methods, and leading IT risk governance practices in large-scale Information Security, Technology environments.
  • Experience working and liaising with executives (e.g., CIO, CISO, Directors, Principals) senior management

Our culture

At Deloitte Global people are valued and respected for who they are – with opportunities to bring their unique perspectives, talents and passions to business challenges. Our global workspace creates room for individuality and collaboration. Ours is an inclusive, supportive, connected culture with a focus on development, flexibility, and well-being. This culture makes Deloitte Global one of the most rewarding places to work, and to transform your career.

Professional development

From entry-level employees to senior leaders, we believe in investing in you, helping you identify and hone your unique strengths at every step of your career. We offer opportunities to build new skills, take on leadership opportunities, and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

Benefits

At Deloitte, we value our people and offer employees a broad range of benefits. Our Total Rewards program reflects our continued commitment to lead from the front in everything we do—that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being.


At Deloitte Global, we know we’re at our best when we look out for one another; prioritize respect, fairness, development and wellbeing; foster an inclusive culture and embrace diversity in all forms. All qualified applicants will receive consideration for employment regardless of their background, experience, identity, ability or thinking style, and if you need assistance or an accommodation during the application process for accessibility reasons this is available upon request. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.