Third Party Risk - Controls Tester Senior Consultant
Location: Tucson, Arizona
Internal Number: 15773563
When you join the Deloitte Advisory Third-Party Risk Management (TPRM) practice, you will see how we work with some of the largest organizations in the world, across a variety of industries, to assist organizations in the development and operation of TPRM programs. Our client list includes eminent organizations across industries, e.g. technology, mining, media, pharmaceuticals, oil and gas, public sector and charities.
Work you will do
Perform ongoing third-party cyber risk assessments to help clients identify and evaluate complex business and technology risks related to their third parties.
Comply with delivery SLA's and provide periodic status updates including potential risks and delays to the project delivery to project manager.
Perform validation of sub-controls with third parties as per the validation process set by Deloitte and generate the final report in English language.
For the purposes of this job description, the scope of assessments is limited to English language only.
The team Deloitte Advisory's Cyber Risk Services team helps complex organizations more confidently pursue their growth, innovation, and performance agendas through proactive management of the associated cyber risks. With deep experience across a broad range of industries, Deloitte Advisory's Cyber Risk Services professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to transform legacy programs into proactive Secure, Vigilant, Resilient TM cyber risk programs. By joining our team, you will be part of developing the future state of cyber risk solutions. Learn more about our Cyber Risk Services practice . Qualifications and experience Required:
Overall 3+ yrs of relevant experience in information security
Working knowledge and understanding of information security and risk frameworks/standards (ISO 27001/2, NIST 800 series, PCI-DSS, etc.)
Demonstrate knowledge of key risk areas such as cyber risk, compliance risk and regulatory risk
Demonstrate knowledge in one or more of the following cyber risk domains, including:
Security Governance and Management
Security Policies and Procedures
Application Security Controls
Network Security Operations
Disaster Recovery & Business Continuity
Privacy and Data Protection
Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing
Excellent verbal and written communication skills
Excellent inter-personal skills
Preferred: â¢ CISSP/CISA (or equivalent)
â¢ Experience with information security audit or assessments
â¢ Good understanding of legal and regulatory requirements around information security and data privacy, such as OCC Bulletin 29, FFIEC, HIPAA Security/Privacy, etc.
â¢ Prior consulting experience
â¢ Experience with internal controls, risk assessments, business process, and internal IT control testing or operational auditing
At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits.Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture where our people excel and lead healthy, happy lives. Deloitte is led by a purpose: to make an impact that matters. This purpose... defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help you with your interview, we suggest that you do your research: know some background about the organization and the business area you’re applying to.