Position Summary

Deloitte & Touche LLP seeks a Advisory Manager in Cleveland, OH.

 

Work You’ll Do

Play lead role in engagement planning, economics, and billing, quality review management efforts. Demonstrate a general knowledge of market trends and competitor activities and assist in retention of professionals. Organize and manage Roundtable events for the financial services clients to share industry insights / trends and perspectives on key regulatory requirements. Provide updates and engage in executive communications to C-Suite level clients. Manage/Lead development efforts for requests for proposals, requests for information and to contribute in sales initiatives. Identify and evaluate complex business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement. Assist in the selection and tailoring of approaches, methods, and tools to support service offerings or industry projects. Use technology-based tools or methodologies to review, design, and/or implement products and services. Construct and assess high-level and detailed security programs translating business needs and regulatory requirements into cost effective and risk appropriate controls. Identify opportunities to improve engagement profitability. Understand clients’ business environment and basic risk management approaches. Manage information security strategies and plans based upon generally accepted security standards. Utilize knowledge of business processes, internal control risk management, IT controls, business and information technology management processes, and market trends on client engagements. Manage development of program guidance documents such as third party risk management policies, procedures and standards. Build and nurture strong client relationships. Generate innovative ideas and participate in decision making with engagement management.

 

#LI-DNI

 

Requirements

  • Bachelor's (or higher) degree in Computer Science, Information Systems, Computer Engineering, or related field (willing to accept foreign education equivalent).
  • Five years of cyber risk experience.
  • Experience must include five years of:
    • Assisting clients in transforming third-party risk and cyber security programs to meet strategic business goals, industry leading practices, and compliance and regulatory requirements;
    • Identifying potential cyber threats for clients in the Financial Services and Consumer Products industry and developing a risk-driven prioritized roadmap to improve overall cyber security maturity;
    • Designing, implementing, and executing third party frameworks, operating models, implementation strategy, policies, standards, procedures, and assessment templates to support the third party risk management (TPRM) program in accordance with U.S. and global regulations, including New York State Department of Financial Services (NY DFS), National Institute of Standards and Technology (NIST) and Federal Financial Institutions Examination Council (FFIEC), Office of the Comptroller of the Currency (OCC), and ISO 27001/2 requirements;
    • Conducting cybersecurity maturity assessments, utilizing NIST CSF, NIST 800-53, FFIEC, OCC, and ISO requirements;
    • Designing and implementing risk tiering methodologies for inherent and residual risk, risk assessment questionnaires based on industry standards, third party issues management framework, key risk and performance indicators, and risk reporting strategies for executive and program levels;
    • Performing cybersecurity and third party assessments by conducting technical interviews with senior client leadership, identifying gaps in the control environment, developing remediation recommendations, performing quality checks, and designing prioritized roadmaps focused on security and operational enhancements;
    • Building training modules, developing training materials, and conducting client workshops to provide businesses and risk functions an overview of third parties and associated risks, end-to-end TPRM process, and high-level roles and responsibilities;
    • Developing business requirements for tools to support cyber security and application security implementation programs; and
    • Mentoring and coaching junior team members.
  • In the alternative, the employer is willing to accept a Master's degree and three years of experience as stated above.
  • Position requires 80% travel. 


Our people and culture

Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture.

Professional development

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Learn more about our commitment to developing our people.


Requisition code: 17415

SCAM ALERT

Caution against fraudulent job offers!

We have been informed of instances where jobseekers are led to believe of fictitious job opportunities with Deloitte US (“Deloitte”). In one or more such cases, false promises of actual or potential selection, or initiation or completion of the recruitment formalities appear to have been or are being made. Some jobseekers appear to have been asked to pay money to specified bank accounts of individuals or entities as a condition of their selection for a ‘job’ with Deloitte. These individuals or entities are in no way connected with Deloitte and do not represent or otherwise act on behalf of Deloitte.

We would like to clarify that:

  • At Deloitte, ethics and integrity are fundamental and not negotiable.
  • We are against corruption and neither offer bribes nor accept them, nor induce or permit any other party to make or receive bribes on our behalf.
  • We have not authorized any party or person to collect any money from jobseekers in any form whatsoever for promises of getting jobs in Deloitte.
  • We consider candidates on merit and that we provide an equal opportunity to eligible applicants.
  • No one other than designated Deloitte personnel (e.g., a Deloitte recruiter or Deloitte hiring partner) is permitted to extend any job offer from Deloitte.

Anyone who at any time has made or makes any payment to any party in exchange for promises of job or selection for a job with Deloitte or any matter related to this (including those for ‘registration’, ‘verification’ or ‘security deposit’) or otherwise engages with any such person who has made or makes fraudulent promises or offers, does so (or has done so) entirely at their own risk. Deloitte takes no responsibility or liability for any such unauthorized or fraudulent actions or engagements. We encourage jobseekers to exercise caution.