Technology Risk Senior Consultant, Deloitte Global Risk and Brand Protection

Job Type: Permanent
Work Model: Remote
Reference code: 127520
Primary Location: Toronto, ON
All Available Locations: Toronto, ON; Burlington, ON; Ottawa, ON

Our Purpose

At Deloitte, we are driven to inspire and help our people, organization, communities, and country to thrive. Our Purpose is to build a better future by accelerating and expanding access to knowledge. Purpose defines who we are and gives us reason to exist as an organization.

By living our Purpose, we will make an impact that matters.

• Enjoy flexible, proactive, and practical benefits that foster a culture of well-being and connectedness.
• Experience a firm where wellness matters.
• Be expected to share your ideas and to make them a reality.

--

Deloitte Global is the engine of the Deloitte network. Our professionals reach across disciplines and borders to develop and lead global initiatives. We deliver strategic programs and services that unite our organization.

What will your typical day look like?

As a Technology Risk Consultant within the Global Risk & Brand Protection group, specifically under the Cybersecurity Oversight, Technology Risk Function, you will play a pivotal role in addressing these client security inquiries for our Deloitte firms, their clients and regulators.

In this role, you will prepare responses that are thorough, accurate, and reflective of Deloitte's commitment to security and data protection.

This position requires a proactive mindset, strong analytical capabilities, and an unwavering dedication to protecting the Deloitte brand. Your contributions will be essential in maintaining our clients' trust and upholding our reputation.

Responsibilities:

Information Security Requests:

• Address Deloitte firm, client, regulatory, and audit-related information security requests.
• Identify, gather, and pre-populate responses using Standard Answer Banks (SABs).
• Determine remaining questions needing consultation with Management, Client Security Leads (CSLs), or Subject Matter Experts (SMEs).
• Ensure the quality and consistency of work been done by other team members.
• Assign and plan tasks for other team members.
• Highlight and address issues in SABs and assist with their maintenance, improving quality of responses and expanding scope as necessary.
• Support service queue and mailbox rotation for consistent coverage.

Audit Support:

• Analyze and evaluate security requests, internal/external assessments, and audits.
• Coordinate internal/external audit requests, including scoping, data gathering, and refinement.
• Assist with evidence gathering and sanitization activities.

·

Project Management and Technology Utilization:

• Demonstrate strong project management skills and use current technology to enhance deliverables.
• Apply understanding of technology and cybersecurity trends to identify and communicate issues to management, requestors, CSLs and SMEs.

·

Additional Duties:

• Perform other job-related tasks as assigned by a manager.
• Build strong relationships with internal stakeholders and maintain regular communication with the management team, Deloitte firm CSL and various SMEs to improve deliverable quality.
• Contribute to the development of best practices and stay up to date on global security policies, standards and technology.

About the team

Global Risk & Brand Protection protects, preserves and enhances the Deloitte brand. We navigate the dynamic risk landscape across the areas of risk management, confidentiality & privacy, cyber security oversight, regulatory, independence & conflicts, and Anti-Corruption/financial crimes. We foster trusting relationships across the Deloitte network through collaboration, facilitation and responsive guidance.

Enough about us, let’s talk about you

You are someone with:

• Bachelor’s Degree or higher in business administration, a technology-related field, or equivalent experience.
• Minimum of three (3) years demonstrated experience in applying leading practices in a large-scale Information Security, Technology Risk or Operational Risk environments, including strategy development and execution, risk and governance experience.

Required Skills/abilities:

• Basic knowledge of Information Systems Security, cyber security, IT auditing, IT risk management and compliance and/or vendor security risk management.
• Basic knowledge of GRC tools (e.g., ServiceNow).
• Working knowledge of various IT risk frameworks, methodologies, leading industry/assurance standards and regulations, as well as attestation reporting frameworks, such as the ISO family of standards (27001/2, ISO 22301, ISO 27017, etc.), NIST, COBIT, SOC2 reporting framework.
• Basic knowledge of significant security and privacy laws and regulations in the Americas, Europe, Middle East, Asia, Africa, and Oceania is preferable (e.g., GDPR).
• Experience in developing and applying standards, principles, methods, and leading IT risk governance practices in large-scale Information Security, Technology environments.
• Strong analytical and problem-solving skills.
• Effective relationship-building, communication, and presentation skills.
• Experience working and liaising with executives (e.g., CIO, CISO, Directors, Principals) senior management
• Be flexible, working in a cross-time zone team.
• Demonstrate exceptional integrity and customer focus.

Total Rewards

The salary range for this position is $69,000 - $114,000, and individuals may be eligible to participate in our bonus program. Deloitte is fair and competitive when it comes to the salaries of our people. We regularly benchmark across a variety of positions, industries, sectors, targets, and levels. Our approach is grounded on recognizing people's unique strengths and contributions and rewarding the value that they deliver.

Our Total Rewards Package extends well beyond traditional compensation and benefit programs and is designed to recognize employee contributions, encourage personal wellness, and support firm growth. Along with a competitive base salary and variable pay opportunities, we offer a wide array of initiatives that differentiate us as a people-first organization. Some representative examples include: $4,000 per year for mental health support benefits, a $1,300 flexible benefit spending account, 38+ days off (including 10 firm-wide closures known as "Deloitte Days"), flexible work arrangements and a hybrid work structure.

Our promise to our people: Deloitte is where potential comes to life.

Be yourself, and more.

We are a group of talented people who want to learn, gain experience, and develop skills. Wherever you are in your career, we want you to advance.

You shape how we make impact.

Diverse perspectives and life experiences make us better. Whoever you are and wherever you’re from, we want you to feel like you belong here. We provide flexible working options to support you and how you can contribute.

Be the leader you want to be

Some guide teams, some change culture, some build essential expertise. We offer opportunities and experiences that support your continuing growth as a leader.

Have as many careers as you want.

We are uniquely able to offer you new challenges and roles – and prepare you for them. We bring together people with unique experiences and talents, and we are the place to develop a lasting network of friends, peers, and mentors.