Assistant Manager / Deputy Manager – Risk and Compliance
Location: Hyderabad / Bengaluru
Do you have the drive to engage in cyber security risk & compliance to protect organizations from potential security exposures or threats? If your answer is yes, we have the right opportunity for you!
Work you’ll do
This role supports client Offshore Delivery Center (ODCs) program of the Technology Cyber Security Risk & Compliance team. As part of this team, you will support the execution and continual enhancement of the security and technology cyber security assurance program for the ODCs. You would be reporting assessment results to necessary stakeholders, following up on remediation plan, ensuring timely remediation and providing appropriate recommendations to the vendor for ensuring adequate protection of Deloitte information assets. You would collaborate and coordinate with various key stakeholders, both onshore and offshore, such as clients, internal business leaders, internal teams, SMEs and Cyber Security management.
You will also ensure optimal performance and tuning of Cyber Security program through continuous improvement.
Educational Qualification:
- Bachelor’s degree in computer science, Business Administration or equivalent educational or professional experience and/or qualifications
- 6-9 years of relevant experience
- Experience with information technology security programs, audits, controls, assessments, risk assessments, or remediation management
- Demonstrated proficiency in Security and Compliance, including information security and technology regulatory requirements (SOC 2, ISO27001, NIST800-53, PCAOB, CSA, etc.)
- Experience with Governance, Risk & Compliance tools
- Strong communication, report writing and presentation skills
- Ability to work independently and cross-functionally
- Excellent time management and related organizational skills including appropriate sense of urgency and a proactive approach
- Industry certifications (e.g., CISA, CISM, CISSP, CCSP and/or other equivalent licenses/certifications)
Work Experience
- Good knowledge of information security principles, policies, processes and practices.
- Good knowledge about security controls for cloud services.
- Good to have information security program implementation and/or audit experience.
- Good to have certifications such as ISO 27001, ISO 27002, ISO 22301, CEH, CISA
Required Skills
Should be a team player and should be comfortable working in teams.
Strong interpersonal and communications skills with the ability to communicate effectively at all levels.
The Team
Deloitte Technology team helps power Deloitte’s success. Deloitte Technology team is the engine that helps to drive Deloitte, which serves many of the world’s largest organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.
The ~3,000 professionals in Deloitte Technology deliver services internally including:
· Cyber security
· Technology support
· Technology & Infrastructure
· Application development and management
· Relationship management group
· Strategy
· Deployment
· PMO
· Financials
Cyber Security
Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.
Areas of Risk & Compliance focus include:
• Client ODCs
• Security Contract Reviews
• Vendor Assessments
• Security Awareness
• Audits & Assessments