Deloitte Sr. Consultant, Office of Confidentiality & Privacy in Costa Mesa, California

Confidentiality and Privacy / Risk Management

This position will support operational processes of the Deloitte U.S. Firms Office of Confidentiality and Privacy. The Office of Confidentiality and Privacy is part of the Risk and Regulatory Affairs organization within Deloitte LLP. Key responsibilities of this position are to safeguard Deloitte and client confidential information to protect, preserve, and enhance our reputation while fostering a positive culture for our employees.

Location any U.S. Deloitte office


  • Bachelor Degree

  • Experience with compliance and risk mitigation

  • Related certifications are a plus CISA, CISSP, CIPP, CIPM, CIPT

Work Experience

  • At least 4 years of relevant experience (e.g., risk mitigation, privacy impact assessments, data privacy, or system auditing)

Work you ll do

Key responsibilities of this position are protecting Deloitte and client confidential information while working as a liaison between the business and technology teams to review privacy and confidentiality risk associated with planned technologies.


Review Privacy Impact Assessment: Upon receipt, review the assessment responses that explain how personally identifiable information (PII) will be protected within the new or updated Deloitte or vendor system. Leveraging the training and ongoing support that will be provided:

  • Identify insufficient responses : Locate responses that do not align with Deloitte policies or standards. Learn how to identify related risk and mitigations.

  • Consult with submitter or interviewee: Communicate residual risks or gaps with the submitter of the assessment. Request the submitter to strengthen the privacy controls and/or documentation. Collaborate with various teams during this process (e.g., Information Security, ITS, Strategy & Architecture, Office of General Counsel).

  • Determine appropriate next steps: Approve or decline the assessment, and escalate issues as needed.

Conduct Confidentiality Assessment: Learn how to conduct a verbal confidentiality assessment to understand how Confidential Information (CI) will be protected within the new or updated Deloitte or vendor system or Deloitte process.

  • Identify risk: Observe demonstrations of new or updated technologies to locate areas of privacy and confidentiality risk.

  • Consult with project team and business leadership: Communicate risks or gaps with the project team and business leaders. Request the project team to explain how risk can be mitigated prior to deployment.

  • Determine appropriate next steps: Collaborate between business leaders and project team to determine whether changes will be made or whether alternative solutions are viable.

Technical capabilities:

  • Technical aptitude and willingness to learn

Operational Support:

  • Ability to work as a self-starter; ability to track and resolve reviews within your own portfolio and escalate to leadership as necessary

  • Ability to remain responsive while tackling new and high-risk reviews

  • Ability to identify process improvements to overall process Assist with other team initiatives:

  • Assist in various projects related to mitigating privacy and confidentiality risk for the firm. For example, assessing confidentiality and privacy risk with third parties, new technologies in the marketplace, assessing and helping to deploy new technology safeguards.

Key skills required are as follows:

  • Excellent verbal and written business communication skills.

  • Excellent organizational and time management skills.

  • Attention to quality and detail a must.

  • Ability to work well under pressure: responsiveness, accuracy and sense of urgency are essential to this role.

  • Ability to apply critical thinking in evaluating different scenarios.

  • Ability to handle confidential and sensitive information with appropriate discretion.

  • Ability to prioritize work and work independently; know when to seek guidance.

  • Ability to compartmentalize different projects, keep detailed notes, and maintain understanding of the various projects

  • Ability to push back when needed, voice concerns in a professional manner, and provide key data points or concerns for supporting the need to push back

  • Ability to organize and manage multiple projects at once

  • Proficiency in MS Office - Word, Excel and PowerPoint. Previous experience of working in SharePoint and Visio a plus.

The Team:

Enabling Areas / Independence, Compliance & Risk

This group is responsible for supporting the Risk and Regulatory Affairs driven operations which include Independence assurance and regulatory compliances of professionals of the US and India offices, internal audit function and developing and deploying programs to mitigate confidentiality and privacy risks.

How you ll grow

At Deloitte, we ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunitiesincluding exposure to leaders, sponsors, coaches, and challenging assignmentsto help accelerate their careers along the way. No two people learn in exactly the same way. Thus, we provide a range of resources including live classrooms, team-based learning, and eLearning. Deloitte University (DU) in Westlake, Texas, represents a tangible symbol of our commitment to our people s growth and development. Explore DU at


At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. at

Deloitte s culture

Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. at

Corporate citizenship

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte s impact on the world. at

Category: Risk Management

About Deloitte

As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.