Deloitte Risk & Financial Advisory - Control and Risk Management Senior Consultant in Boston, Massachusetts
Hybrid-Operate (HO) is on track of becoming one of the fastest growing areas and is a key focus area for Risk and Financial Advisory (Advisory)
Help us grow our HO Quality and Risk (QRM) organization by applying your experience of institutionalizing risk and control program in professional services industry
We are looking for an energetic and enthusiastic professional who can help us build and grow a large-scale quality & risk organization
You will be exposed to all business areas across Advisory, interacting with business leaders and service delivery specialists
Direct experience with software/product development in one or more of the following areas: Project Management, Development, Testing, DevOps or Infrastructure. Strong technology understanding is key.
Experience with DevOps and project management. Ability to understand and discuss requirements with both the business and the technical teams.
In-depth understanding of technology, IT infrastructure including cloud technologies, Machine Learning and Artificial Intelligence.
Knowledge of industry compliance standards and regulations; having exposure to at least one standard in each category is preferred (IT security standards such as NIST/ISO 27000/COBIT/CMMI (Dev)
Experience working with a platform/tool is plus (such as ServiceNow GRC platform)
Must have good understanding of IT service management (ITSM) framework and ITSM tools; exposure to different ITSM tools such as ServiceNow and Jira is preferred
Experience with working and coordinating with the onshore/offshore teams
Should possess excellent written and oral communication skills
Ability to analyze complex problems, think creatively, communicate recommendations, influence change, and be able to drive process and structure to an extremely dynamic environment
Proven organizational skills, highly detail-oriented, with an ability to speak with conviction across all levels of the organization
Ability to work independently; candidate should be well organized, self-directed and a team player
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
Travel up to 20-25% (While 20-25% of travel is a requirement of the role, due to COVID-19, non-essential travel has been suspended until further notice)
Key Job Responsibilities:
Work with business and product teams to complete comprehensive "As-Is" and "ongoing" risk control assessments. This will include analysis of existing business and IT controls for Design & Implement (D&I) effectiveness across multiple risk domains - operations, service delivery, technology, IT infrastructure, finance, talent, third parties and regulatory compliance; risk control assessment will also include reviewing key indicators, sample testing and conducting thematic reviews
Work with the solution and product development teams to identify, articulate, and define controls based on solution specific or product specific requirements
Identify and escalate emerging risks to business teams and risk leaders, as appropriate. Collaborate with relevant lines of business, legal, and risk partners to identify, design and document new controls to mitigate emerging risks
Monitor contractual commitments and obligations compliance by periodically assessing effectiveness of contractual controls
Provide on-going coaching and guidance to the business & product teams on risk control framework to ensure there is a consistent understanding of the overall control and risk management program across HO portfolios
Monitor action planning, implementation and closure of remedial actions for observations identified through control and risk management program
Leverage use of analytics and technology to identify opportunities for converting manual controls to automated controls
Identify continuous improvement opportunities to drive effectiveness and efficiency. Collaborate with other solutions and products teams to drive synergies across the broader HO portfolios
Support implementation of technology or GRC (governance, risk and compliance) platform to implement control and risk management program with the goal of improving efficiency, improving agility and optimizing cycle time
Escalate issues, concerns and risk proactively with both internal and external stakeholders
Develop periodic reports based on risk control assessment; summarize testing results and observations to the business leadership team and other key stakeholders
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.