Cybersecurity Governance, Policies, and Standards Lead - Senior Manager

Cyber Security Information Technology Posted: 15-May-2022

Same job available in 30 locations

Atlanta, Georgia, United States

Austin, Texas, United States

Boca Raton, Florida, United States

Buffalo, New York, United States

Calgary, Alberta, Canada

Charlotte, North Carolina, United States

Cincinnati, Ohio, United States

Cleveland, Ohio, United States

Columbus, Ohio, United States

Dallas, Texas, United States

Des Moines, Iowa, United States

Detroit, Michigan, United States

Edmonton, Alberta, Canada

Greater Toronto, Ontario, Canada

Halifax, Nova Scotia, Canada

Hermitage, Tennessee, United States

Houston, Texas, United States

Indianapolis, Indiana, United States

Jacksonville, Florida, United States

Kansas City, Missouri, United States

Milwaukee, Wisconsin, United States

Montreal, Quebec, Canada

Nashville, Tennessee, United States

Orlando, Florida, United States

Raleigh, North Carolina, United States

Richmond, Virginia, United States

Salt Lake City, Utah, United States

San Antonio, Texas, United States

Tampa, Florida, United States

Tulsa, Oklahoma, United States

Position summary:

Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with other experts in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture? 

Want to make an impact that matters? Consider Deloitte Global.

Work you'll do


·       Lead development of security policies and standards exception management process.

·       Set future direction and lead continuous improvement of security policies and standards exception management process.

·       Support the development of security policies and standards exception management automation and tooling and continued enhancement.


·       Lead the formation and management of Security Policies and Standards Exception Management team. 

·       Prioritize and assign exception requests to team members.

·       Oversee timely and quality performance of exception evaluations, recommendations, and reports.

·       Present exception recommendations to senior cybersecurity, risk, and technology leadership. 

·       Establish and report on exception management performance metrics.

Relationship Management 

·       Develop and maintain relationships with senior cybersecurity, technology, legal, and risk leaders within DTTL and its member firms.

·       Develop and maintain relationships with primary exceptions management leaders in member firms.

·       Lead security policies and standards exception management working group and participate in cybersecurity and risk working groups as required.

What you'll be part of - our Deloitte Global Culture:

At Deloitte, we expect results. Incredible—tangible—results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and implement global strategies and provide programs and services that unite our network.

In Deloitte Global, everyone has opportunities. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.

Who you'll work with:

Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.


·       Bachelor’s degree: degree in business administration, a technology-related field, or equivalent education-related experience

·       Minimum of 10 years of combined experience in the Information Security / Cybersecurity domain with a focus on cybersecurity governance and risk management

·       At least five years’ experience holding a management and leadership role

·       At least three years’ experience in leading a team responsible for security policies and standards exception management

·       Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels

·       Good leadership and management skills with the ability to manage a global team

·       Sound knowledge of business management and expert knowledge of information / cybersecurity risk management and governance

·       Knowledge of common information security management frameworks such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework

How you'll grow:

Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.

Benefits you'll receive:

Deloitte’s Total Rewards program reflects our continued commitment to lead from the front in everything we do—that’s why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.

Corporate citizenship:

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.