Deloitte Senior Analyst, Technology Risk Management in Boston, Massachusetts

Deloitte Services LP includes internal support areas such as Marketing and Communications, Human Resources/Talent, Information Technology, Facilities Management, and Financial Support Services.

Senior Analyst, Technology Risk Management

Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte s Information Technology Services (ITS). We are insatiably curious and life-long learners focused on technology and innovation.

Work you ll do

You will serve as a Risk and Controls Senior Analyst within the Technology Risk Management (TRM) program for information security and compliance across US firm technology environments. This position sits in the Information Technology Services (ITS) Cyber Security team. This individual supports continual enhancement of the security compliance and risk management program for security interests of the US firm across all security domains and technology environments, including cloud. This individual assists with risk assessments, analyzes technology and operational risks to the enterprise, identifies control needs and works with the technology owner to drive implementation of appropriate controls to comply with relevant laws, regulations, client commitments and industry standards. Performs deep-dive testing / monitoring of controls according to risk, documents results in GRC tool and escalates identified risk to TRM Senior Analyst and/or Management. Supports initiatives to educate Technology function owners and control performers on control requirements and associated risk of non-compliance.

  • Assists with technology risk assessments and reports on findings, consults on remediation plans, tracks status, aggregate results and report to Management

  • Performs deep-dive controls testing for high risk areas for independent validation of issues and remediation efforts

  • Supports initiatives to educate Technology functions on technology security and compliance requirements according to regulatory requirements, firm policy, data classification, client commitments, etc.

  • Provide recommendations for continuous improvements to the risk management process, controls monitoring and TRM program

  • Provide notification of updated controls requirements to technology functions due to regulatory and firm policy updates

  • Performs other job-related duties as assigned

The team

Information Technology Services (ITS) helps power Deloitte s success. ITS is the engine that drives Deloitte, which serves many of the world s largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.

The 2,200 professionals in ITS deliver services including:

  • Security, risk & compliance

  • Technology support

  • Infrastructure

  • Applications

  • Relationship management

  • Strategy

  • Deployment

  • PMO

  • Financials

  • Communications

Cyber Security

The Cyber Security team vigilantly protects Deloitte and client data. The team is responsible for a strategic cyber risk program which adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team protects the Deloitte brand.

Category: Information Technology

About Deloitte

As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.