IT Risk Management/IT Risk Controls Manager, Deloitte Global Technology

—

Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cuttingedge products and services that deliver outstanding value and that are global in vision and scope? Work with premier thought leaders in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture?

What will your typical day look like?

This role will support the IT Risk Controls Transformation Director within the IT Risk Management team. This role provides the opportunity to help influence and shape the team’s capabilities to manage the firm’s IT Risk management assurance framework through the implementation of comprehensive IT control testing, assurance and governance.

Scope of responsibilities will include:

• Work with leadership and IT risk management stakeholders to design and operate a robust, repeatable, IT risk control testing and assurance capability
• Support the transformation of control requirements within the Integrated Control Library (ICL) into defined control tests and assurance reviews
• Manage and execute cyclical assurance assessments and control testing against defined timescales to provide leadership visibility of key control performance and risk indicators and empower organizational decision making
• Liaise with policy and standards owners and control owners to evaluate control testing outcomes and if required, develop agreed remediation plans
• Manage exception action tracking against agreed remediation plans by providing support, guidance and monitoring to action and control owners based across the global organization
• Be an advocate, championing and communicating IT risk management understanding and capabilities to stakeholders across the organization; including supporting the development of awareness training materials
• Support the development of an emergent risk sensing capability
• Maintain control testing and assurance documentation in the function’s Quality Management System
• Seek to continually improve the maturity and relevance of control testing and assurance activities
• Identify requirements for toolsets to underpin the control function’s testing capability and action tracking responsibilities and drive projects to deliver these to fruition
• Liaise with other risk and compliance focused functions to ensure control assessments and testing activities are aligned and consistent
• Embrace a dynamic work environment so that the team can respond to emerging risks with ease
• Develop strong, trusted relationships with stakeholders from across the Global IT organization and 2nd and 3rd Line control functions
• Develop in depth expertise in at least three of the key controls assured by the team

About the team

Deloitte Global:

At Deloitte, we expect results. Incredible—tangible—results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network. In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in—with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out—with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark. Deloitte Global supports our talented professionals in answering the question: What impact will you make?
Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in “what is” but rather “what can be” to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.

Enough about us, let’s talk about you

You are someone with:

• Operational IT experience, including demonstratable knowledge of actively managing risks either as an IT control owner or within an IT risk, audit or information security team
• Experience transforming control requirements into defined, testable control requirements
• Understanding of and capability to support the design of key performance and risk indicators as metrics that underpin IT risk management objectives
• Prior knowledge and experience of IT risk focused control testing either in a risk, audit, information security or other operational role
• Experience working in an environment where operational teams must work within the constraints presented by regulatory requirements and/or controls defined within internal policies and standards
• Experience working with enterprise level configuration management databases
• Willingness to proactively enhance capabilities through team collaboration and development opportunities
• Capability to understand and communicate complex control requirements to a broad range of stakeholders across organizational boundaries and cultures
• Demonstratable ability to develop strong relationships and be recognized as a trusted advisor to key stakeholders
• Flexibility to support working within a Global team, across varying time zones, cultures and technologies
• Excellent analytical skills with a strong attention to detail
• Familiarity with Teams and/or SharePoint for collaborative working