Risk& Compliance Senior Analyst- Hyderabad

Hyderabad, Telangana, India

Back to search results
Back to search results

Position Summary

Risk and Compliance Sr. Analyst

Location: USI Hyderabad

Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte Technology. We are curious and life-long learners focused on technology and innovation.

Work you will do

This role supports audits and assessment programs of the Deloitte Technology Cyber Security Risk & Compliance team which includes risk management, audits, and assessments for on premises as well as cloud hosted IT applications and infrastructure. This position is specifically responsible for helping drive SOC 1 and SOC 2 audits and manage the day-to-day responsibilities of gathering evidence, scheduling resources, coordinating with business owners and external auditors, and identifying potential audit issues/operational improvements. Role is to also have an understanding of and ability to assess technology and operational risks related to internal and cloud technology solutions and at times, provide input to ITS personnel on appropriate controls to address audit risks. The position will also work with external and internal auditors, serving as liaison between ITS and non-ITS auditees, gathering and presenting evidence as required.

Key Tasks / Essential Job Functions:

·       Understand technology controls, testing of controls, and supporting evidence.

·       Understand technology controls that impact on premises and cloud technology, operational risk to the Information Technology Services organization as well as related laws, regulations, and industry standards, specifically related to internal and cloud technology solutions.

·       Recommend policies, standards, procedures, and controls to assure the confidentiality, integrity, and availability of the information technology environment for on premises as well as cloud hosted IT applications and infrastructure.

·       Manages audit gaps; identifies those within the organization responsible for remediating or closing audit findings, negotiate dates for closure, and track/report progress.

·       Represent Information Technology related to internal and external assessments and/or audits of information technology systems and processes, interpret results, and develop and communication recommendations to management.

·       Work with the appropriate Information Security, Office of General Counsel, Risk Management, and engagement leaders to determine scope of onsite visits, audits, and assessments as defined by contracts and regulatory requirements.

·       Develop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organization for on premises as well as cloud hosted IT applications and infrastructure.

·       Other duties as assigned



The team

Deloitte Technology helps power Deloitte’s success. It’s the engine that helps to drive Deloitte, which serves many of the world’s largest organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.

The ~3,000 professionals in Deloitte Technology deliver services internally including:

·       Cyber security

·       Technology support

·       Technology & Infrastructure

·       Application development and management

·       Relationship management group

·       Strategy

·       Deployment

·       PMO

·       Financials

Basic Qualifications:

·       B.tech/ B.E

·       3- 5 years of directly related experience in the following: information technology audits, assessments, remediation management, creating risk assessment programs.

·       Minimum 2 years of experience with various industry standard frameworks such as: SSAE 18 SOC 1 and SOC 2, Shared Assessment Program Agreed Upon Procedures, HIPAA, HITRUST, CSA, CCM, and ISO 27001.

Preferred Qualifications:

·       Industry certification (e.g., CPA, CISA, CISSP, CISM etc.)

·       Experience leading IT internal audit, external audits, and or service organization control reporting and activities

·       Solid understanding of IT general controls and activities

·       Familiarity with privacy laws, data protection/security regulations, and cloud security frameworks

·       Possess a general understanding of IT security technologies, including network, application and database security, access management and cloud security, Required Licenses, Certifications, and Other

·       Excellent communication, listening, and facilitation skills (preferred)

·       Excellent time management and related organizational skills, including appropriate sense of urgency, a proactive approach, and a suitable ability to anticipate and manage project lifecycle events, issues, and obstacles (preferred)
Our purpose

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. 
Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.
Professional development

At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse   learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India.
Benefits to help you thrive

At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you.
Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

Requisition code: 307457