Deloitte’s Risk & Financial Advisory Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise.
Job Summary
We are seeking an experienced professional to join our team, who will have extensive experience in Cyber Strategy Technology Risk, Analytics, Quantification and Solution Management. This role involves supporting our client teams in defining and executing their Cyber Tech Risk program’s strategy, operations, and supporting technology solutioning, deployment, and its continued operations. The candidate with construct and assess detailed security programs translating business needs and regulatory requirements into cost-effective risk-management strategy and operating model. The candidate will also act as a solution architect internally for cyber metrics, analytics, risk quantification and drive the definition, design, and deployment of solutions and services to advance Deloitte Cyber's Technology Risk offering within Cyber Strategy.
Key Responsibilities
- Define and Execute Program Strategies: Develop comprehensive strategies for risk and compliance management, including governance models, organizational structures, policies, standards, communication plans, and training initiatives.
- Define and Implement Frameworks: Create and enhance enterprise risk management frameworks based on industry standards such as NIST, ISO 27001,COBIT, PCI-DSS, , GDPR, SSAE 18 SOC, NY DFS and HIPAA, utilizing various GRC technologies.
- Lead Cyber Strategy Tech Risk Analytics Solutions: Oversee the development of Deloitte’s Cyber Strategy Tech Risk Analytics, Quantification and Management reporting solutions, ensuring alignment with industry best practices, leading technologies, and evolving client needs related to risk and threats.
- Evaluate and Implement Platforms: Assess, build and deploy various technology risk management analytics platforms (e.g., Cyber Metrics , Analytics and Quantification, ServiceNow, GRC Archer, etc.) and associated modules integration, including GRC, SecOps, ITSM, SIEM, ITAM, CMDB, , and automation workflows.
- Drive Continuous Improvement: Utilize industry-leading practices and technology-based tools or methodologies to enhance the monitoring, delivery, and reliability of Deloitte Cyber’s services provided to clients.
- Serve as a Trusted Advisor: Advise executive leaders on risk and compliance management, offering insights and recommendations. Collaborate with them to resolve business problems by translating functional requirements into technical solutions.
- Lead Practice Development: Develop go-to-market methodologies and solutions to address clients’ Cyber risk and compliance challenges.
- Offer Thought Leadership: Provide guidance on industry leading practices for development, while participating in the evaluation of new requirements.
- Manage and Mentor Teams: Lead and mentor a global team, ensuring the effective delivery of technology risk management services and capabilities.
The team
Deloitte Advisory’s Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. With deep experience across a broad range of industries, Deloitte Advisory’s Cyber Risk professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to transform legacy programs into proactive Secure, Vigilant, Resilient, TM cyber risk programs. By joining our team, you’ll be part of developing the future state of cyber risk solutions
Individuals who take deep personal accountability for their work, have a passion for excellence, driven to achieve their full potential and understand the value of building relationships with clients and the industry, are encouraged to realize our requirement for a Cyber Strategy Tech Risk & Management professional. The desired professional is expected to have an in-depth understanding of leading Cyber Strategy Tech Risk practices and have demonstrated experience in the design and implementation of associated solutions and modules. Understanding of risk and compliance pain points and how they can be addressed effectively through a scalable and modular technology is key to success in this role.
The successful candidate will possess:
- Proven track record of building and managing cyber technology risk programs.
- Strong leadership and team management skills.
- Excellent communication and advisory skills.
- Ability to drive sales and revenue growth through strategic client engagements.
- Excellent documentation and presentation, verbal and written communication skills and ability to work with teams across geographical locations
- Demonstrated flexibility in prioritizing and completing tasks; and working collaboratively with the client to identify and solve key constraints, risks and issues.
- Demonstrated problem solving, critical thinking and logical structuring skills.
Qualifications
Required:
- 8+ years of hands-on experience on cyber strategy, risk modelling, analytics & reporting, compliance and gap analysis against major frameworks – NIST, COBIT, ISO 27001, SOC, SOX, PCI, GDPR, technology risk solution designs and architect, data integration strategies, including but not limited to risk modelling, quantification, and automation workflows.
- 5+ years of in-depth experience in performing cyber risk assessments, vulnerability assessments and threat analysis to assess risk and recommend remediation industry leading strategy to monitor and mitigate risk
- 5+ years of experience of engagement planning, economics, and billing and manage proposal development efforts. Serve as a subject matter expert with respect to market trends and competitor activities. Evaluate, counsel, mentor and provide feedback on performance of team members directly or indirectly reporting to the candidate. Play substantive/lead role in retention of professionals and in building staff complement, mix, and recruiting.
- Engineering degree.
- Security certifications (CISSP, CISA, CISM etc.)
- Limited immigration sponsorship may be available
- Ability to travel up to 75%, on average, based on the work you do and the clients and industries/sectors you serve.
Preferred
- Experience on ServiceNow Security, GRC modules, SIEM, Vulnerability Scanning tools would be preferred.
- Experience in defining, data management requirements, integration strategies, BI tools such as Power BI, Tableau
- Creates business and technical design specifications for implementation of the Cyber Risk Analytics Platform
- Reviews proposed design with all customer and internal stakeholders, and leads all technical design meetings
- Identifying and reviewing various preventive, detective, and corrective security controls techniques, processes, and operational procedures
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.
At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture.
From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.