Position Summary

As an Analyst, Audit & Certification (A&C) you will be responsible for supporting the maintenance of Deloitte Technology (DT) industry standard framework assessments and certifications. You will collaborate with Global and member firm IT groups to demonstrate effective operation of DT controls, via DT IT certifications for operations, security, infrastructure, shared services and applications.

The role will have a good understanding in information security processes, and standards and audit frameworks (i.e., ISO, cloud security, SOC 2 , risk management etc.) 

 Key responsibilities include:

  • Execute coordination for internal and external audits and assessment, including but not limited to ISO27001, 27017, 22301 and SOC 2; with internal DT stakeholders.
  • Administer and continually improve the DT ISMS (Information Security Management System) and related processes, e.g., IT risk assessment, metrics reports, awareness and compliance to DT policies and standards
  • Support leadership meetings, including Management Review, ISMS Security Forum
  • Interface with Cybersecurity, Global Technology Infrastructure (GTI), Portfolio & Solutions (P&S), Global Risk, Internal Audit, global and member firm risk leaders to support manager and A&C team towards compliance of DT ISMS
  • Synergize with second line of defense to understand root causes, process deficiencies, control failures for the non- conformities and bring them to closure using continual improvement process.
  • Contribute to maintain processes, procedures, operational documentation
  •   Support continual improvement initiatives to align technology risk posture to Deloitte’s risk appetite
  • Effective relationship-building, communication, presentation, and interpersonal skills; prepare leadership communication materials, facilitate, document, follow up on open items from meetings and audits
  • Ability to identify and deliver improvement opportunities
  • Report breaches in information security or policies
  • Leverage available technical resources/tools to research; expand IT risk knowledge to enhance work product, remain up to date on member firm and business hot topics while sharing IT risk knowledge where applicable
  • Support the creation of metrics and other A&C reports
  • Strong collaboration skills, effectively self-manage and execute multiple activities with minimal customer disruption and within agreed-upon requirements

 

Required Education, Qualifications, and Experience:

  • Bachelor's degree or equivalent 5+years of Information security management system audits and compliance certification and/or infrastructure operations experience.
  • Preferably prior experience in a large global enterprise environment Hands-on experience facilitating and coordinating activities for internal and/or external audits
  • Ability to manage oneself in complex situations that require judgment and discretion
  • Ability to work with limited or no supervision.
  • Ability to form long-term, strategic relationships and cultivate a network across Deloitte
  • Ability to perform high level data analysis.
  • Ability to critically analyze results to detect trends. errors, anomalies or conflicts. Relate analysis to business strategy and process
  •  Good understanding of audit frameworks & technical standards
  • Knowledge of significant global security and privacy laws and regulations (e.g., GDPR)
  • Excellent verbal and written communication skills
  • Effectively prepare presentation and business material; and succinctly document internal processes

Preferred:

  • Certification in at least one of the following: ISO 27001 Lead Auditor /Implementer, CISA, CRISC, PMP
#EAG-Technology 

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.
Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.
Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work.
Our purpose

Deloitte’s purpose is to make an impact that matters for our clients, our people, and in our communities. We are creating trust and confidence in a more equitable society. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. We are focusing our collective efforts to advance sustainability, equity, and trust that come to life through our core commitments. Learn more about Deloitte's purpose, commitments, and impact.
Professional development

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

Requisition code: 185579