Manager – NL ITS Risk Manager (USI)
Your opportunity
Join our innovative, creative, and inclusive NL ITS Risk & Compliance team - a world-class operation with extensive knowledge and experience. You will interface with business and technical teams to bring about change and influence across the entire world of Deloitte. Apply your skills to make things happen and be a part of a great team that is passionate about serving a great purpose.
Work you'll do:
As a Risk Manager working for the IT Internal Services Team, you will leverage your IT (audit) expertise in an advisory role to Deloitte management on a broad basis when it comes to determining, assessing, and improving IT general controls within Deloitte Netherlands and Europe. You will collaborate with specialists and top management to determine compliance with existing rules and legislation and to identify and sufficiently mitigate information security nonconformities and risks.
You are also the organization’s point of contact for enabling security, privacy, and confidentiality by design, ensuring that new software and services meet the necessary security requirements.
Your responsibilities will include:
- Design and develop Risk & IT General Control Frameworks by incorporating relevant security regulations, standards, and good practices such as ISO27001, NIST, COBIT, and ITIL
- Continuously enhance security and compliance processes to maximize efficiency and effectiveness.
- Determine criteria around an ISMS.
- Coordinate internal and external audits and assessments.
- Monitor follow-up of identified risks and non-conformities.
- Assess risks by applying Key Performance Indicators and Key Risk Indicators
- Assess the onboarding of new technologies and technology services from 3rd parties to manage risks and ensure compliance with applicable security standards.
- Coordinate and support the activities of the ITS compliance manager.
- Cooperate closely with colleagues from Internal IT, other supporting departments (Talent, Workplace Service, Legal, etc.) and our business.
- Support and improve the transition of risk and secure development services towards a centralized IT department.
- Manage budgets around audits and compliance improvement initiatives.
- Provide advice and guidance to senior leadership on current compliance and risk status, via formal and informal reports.
Your professional experience/Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 10 to 13 years of experience in information security or IT Risk Management
- Proven experience in Risk Management, information security, or a related area.
- Excellent analytical, organizational, and communication skills.
- Ability to work collaboratively across departments and regions.
- Relevant certifications (e.g., CISM, CRISC, CISA, or related) are a plus.
- In-depth knowledge and understanding of IT security management.
- Experience with industry best practices and certification schemes such as ISO27001, ISO22301, or similar.
- Experience with well-architected frameworks from leading cloud providers (AWS and Azure).
- A strong track record of delivering continual service improvements.
- Intrinsic drive to personally develop and to help other people to develop as well.
- Ability to influence and inspire others to gain support for change.
Your work, your choice
We are results-focused and believe in excellence and respect in all aspects of our work and interaction with each other. We make full use of technologies that help support different ways of working. At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We, therefore, carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. If the working pattern you are looking for is not specifically indicated below, we are happy to discuss alternative arrangements.
Location: Hyderabad
Timings: 12 PM to 9 PM