Risk & Financial Advisory - Control and Risk Management Senior Consultant

Risk Management | Risk & Financial Advisory National
Same job available in 11 locations

Position Summary

Value Proposition:

  • Hybrid-Operate (HO) is on track of becoming one of the fastest growing areas and is a key focus area for Risk and Financial Advisory (Advisory)
  • Help us grow our HO Quality and Risk (QRM) organization by applying your experience of institutionalizing risk and control program in professional services industry
  • We are looking for an energetic and enthusiastic professional who can help us build and grow a large-scale quality & risk organization
  • You will be exposed to all business areas across Advisory, interacting with business leaders and service delivery specialists

Skills Required:

  • Direct experience with software/product development in one or more of the following areas: Project Management, Development, Testing, DevOps or Infrastructure. Strong technology understanding is key.
  • Experience with DevOps and project management. Ability to understand and discuss requirements with both the business and the technical teams.
  • In-depth understanding of technology, IT infrastructure including cloud technologies, Machine Learning and Artificial Intelligence.
  • Knowledge of industry compliance standards and regulations; having exposure to at least one standard in each category is preferred (IT security standards such as NIST/ISO 27000/COBIT/CMMI (Dev)
  • Experience working with a platform/tool is plus (such as ServiceNow GRC platform)
  • Must have good understanding of IT service management (ITSM) framework and ITSM tools; exposure to different ITSM tools such as ServiceNow and Jira is preferred
  • Experience with working and coordinating with the onshore/offshore teams
  • Should possess excellent written and oral communication skills
  • Ability to analyze complex problems, think creatively, communicate recommendations, influence change, and be able to drive process and structure to an extremely dynamic environment
  • Proven organizational skills, highly detail-oriented, with an ability to speak with conviction across all levels of the organization
  • Ability to work independently; candidate should be well organized, self-directed and a team player
  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
  • Travel up to 20-25% (While 20-25% of travel is a requirement of the role, due to COVID-19, non-essential travel has been suspended until further notice)

Key Job Responsibilities:

  • Work with business and product teams to complete comprehensive “As-Is” and “ongoing” risk control assessments. This will include analysis of existing business and IT controls for Design & Implement (D&I) effectiveness across multiple risk domains – operations, service delivery, technology, IT infrastructure, finance, talent, third parties and regulatory compliance; risk control assessment will also include reviewing key indicators, sample testing and conducting thematic reviews
  • Work with the solution and product development teams to identify, articulate, and define controls based on solution specific or product specific requirements
  • Identify and escalate emerging risks to business teams and risk leaders, as appropriate. Collaborate with relevant lines of business, legal, and risk partners to identify, design and document new controls to mitigate emerging risks
  • Monitor contractual commitments and obligations compliance by periodically assessing effectiveness of contractual controls
  • Provide on-going coaching and guidance to the business & product teams on risk control framework to ensure there is a consistent understanding of the overall control and risk management program across HO portfolios
  • Monitor action planning, implementation and closure of remedial actions for observations identified through control and risk management program
  • Leverage use of analytics and technology to identify opportunities for converting manual controls to automated controls
  • Identify continuous improvement opportunities to drive effectiveness and efficiency. Collaborate with other solutions and products teams to drive synergies across the broader HO portfolios
  • Support implementation of technology or GRC (governance, risk and compliance) platform to implement control and risk management program with the goal of improving efficiency, improving agility and optimizing cycle time
  • Escalate issues, concerns and risk proactively with both internal and external stakeholders
  • Develop periodic reports based on risk control assessment; summarize testing results and observations to the business leadership team and other key stakeholders

Our people and culture

Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture.

Professional development

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Learn more about our commitment to developing our people.


As used in this posting, "Deloitte Advisory" means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. These entities are separate subsidiaries of Deloitte LLP.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Requisition code: 40007

SCAM ALERT

Caution against fraudulent job offers!

We have been informed of instances where jobseekers are led to believe of fictitious job opportunities with Deloitte US (“Deloitte”). In one or more such cases, false promises of actual or potential selection, or initiation or completion of the recruitment formalities appear to have been or are being made. Some jobseekers appear to have been asked to pay money to specified bank accounts of individuals or entities as a condition of their selection for a ‘job’ with Deloitte. These individuals or entities are in no way connected with Deloitte and do not represent or otherwise act on behalf of Deloitte.

We would like to clarify that:

  • At Deloitte, ethics and integrity are fundamental and not negotiable.
  • We are against corruption and neither offer bribes nor accept them, nor induce or permit any other party to make or receive bribes on our behalf.
  • We have not authorized any party or person to collect any money from jobseekers in any form whatsoever for promises of getting jobs in Deloitte.
  • We consider candidates on merit and that we provide an equal opportunity to eligible applicants.
  • No one other than designated Deloitte personnel (e.g., a Deloitte recruiter or Deloitte hiring partner) is permitted to extend any job offer from Deloitte.

Anyone who at any time has made or makes any payment to any party in exchange for promises of job or selection for a job with Deloitte or any matter related to this (including those for ‘registration’, ‘verification’ or ‘security deposit’) or otherwise engages with any such person who has made or makes fraudulent promises or offers, does so (or has done so) entirely at their own risk. Deloitte takes no responsibility or liability for any such unauthorized or fraudulent actions or engagements. We encourage jobseekers to exercise caution.