Deloitte Manager, AAPS Risk & Compliance in Houston, Texas
Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with premier thought leaders in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture?
At Deloitte, we help bring client data to life to enhance the risk assessment process, reveal unexpected patterns and outliers and offer insights. The business world is complex and ever changing and, as a result, Deloitte is helping to redefine audit by infusing our approach with cutting-edge technologies, data analytics and visualizations, and transformative audit delivery models. Lead audit into the future by helping deliver a more dynamic picture to our clients that provides meaningful insights, empowers decision-making, and informs tomorrow's success.
Work you'll do
This position provides risk management and related support to the U.S. and Global Audit & Assurance (A&A) Products and Solutions organization that develops and deploys innovative technology products and solutions to Deloitte's A&A business and its clients. This position is housed within the Technology Controls (TC) team, reporting to the Technology Controls Leader.
As a Technology Controls - Risk & Compliance Manager, you will be responsible for implementing and monitoring risk and control considerations to effectively identify regulatory, legal and compliance risk exposures, with a focus on quality, data protection and security matters related to our innovative products and solutions, environments and frameworks at all stages with the software development lifecycle (SDLC) (e.g., application design, development and deployment). This exciting and challenging role invites you to drive quality as part of the SDLC, initiate consultations with stakeholder groups, ideate on ways to creatively solve challenges and increase quality, and escalate matters as necessary to Technology Controls Leadership.
Under the guidance and supervision of a Technology Controls Senior Manager, you will drive quality as part of the SDLC using established risk and control frameworks (such as SOX, Security, Privacy, Confidentiality, Third Party or SOC/ISAE) to ensure that development, hosting, deployment and other risk decisions comply with existing firm policies, professional standards, laws and regulations, and other internal and external requirements. You will collaborate with various groups (such as, internal product and IT groups, Deloitte's vendors and IT service providers, and Global risk, regulatory and privacy teams) and will be required to understand their roles and responsibilities in the overall IT control structure. Further, you will prepare and/or validate control-related aspects of product risk assessments and confidential information management plans, as well as assist other TRM team members with reviewing functional and nonfunctional requirements (i.e., user stories and acceptance criteria) and testing scripts to ensure alignment with controls requirements. You will also be responsible for the supervision and oversight of Technology Controls Seniors, who drive the day-to-day activities.
The teamOur audits are fueled by more than just technology - what really sets us apart are our insightful professionals, collaborative culture, and commitment to innovation and continuous improvement. Our audit professionals apply a streamlined, intelligent approach to the audit, enabled by innovative tools and technologies. Quality is our top priority, and by focusing on innovation, we continue to raise the bar on quality and deliver greater value to our clients. Learn more about Deloitte Audit.
Required Qualifications:Candidates should have the following competencies and skills:
Bachelor's or Master's degree in Accounting, Accounting Information Systems, or other related degrees.
Minimum of 4-5 years of experience in audit or risk assurance with a large or medium-sized public accounting firm or other regulated industry
Strong technical or audit knowledge and the ability to apply this knowledge to the design, development and deployment of applications based upon TRC requirements
Very strong knowledge and understanding of, or the ability to learn, the regulatory requirements and professional standards involving the development, documentation, review, retention and archiving of evidence, including reproduction thereof for professional, legal or regulatory purposes.
Ability to apply concepts of risk assessment and professional skepticism.
Ability to challenge the status quo, and to identify untapped opportunities, alternate approaches, and creative solutions to audit products and solutions
Reasonable familiarity with audit or other regulatory technology applications.
Privacy regulation experience
Ensure key deliverables (control testing, evaluation of test results, other items as requested, etc.) adhere to high quality standards
Familiarity with data analytics and/or technology fueled by machine learning/AI.
Strong project management skills to keep multiple projects organized and deliver results under tight, demanding deadlines for a high-volume of products and releases while maintaining high-quality and precision.
Strong verbal and written communication skills.
Proactive approach and anticipation of potential challenges.
Work in cross-functional environments with professionals across Deloitte (non-auditors) and various geographic locations.
Limited Immigration Sponsorship May be Available
CPA, CIA, CISA, or CIPP preferred
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.