Deloitte Senior Analyst, Technology Risk Management in Houston, Texas
Deloitte Services LP includes internal support areas such as Marketing and Communications, Human Resources/Talent, Information Technology, Facilities Management, and Financial Support Services.
Senior Analyst, Technology Risk Management
Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte s Information Technology Services (ITS). We are insatiably curious and life-long learners focused on technology and innovation.
Work you ll do
You will serve as a Senior Analyst on the Technology Risk Management (TRM) team, which is the second line of defense for the US firm information security and technology environments. This position sits in the Information Technology Services (ITS) Cyber Security team. This individual supports continual enhancement of the security and technology compliance monitoring program for the US firm, especially cloud platforms and applications. This individual assists with maintaining the control requirement library with the US firm s GRC tool that addresses regulatory and firm policy requirements for the US firm. This individual assists with risk assessments, analyzes technology and operational risks to the enterprise, identifies control needs and works with the technology owner to drive implementation of appropriate controls to comply with relevant laws, regulations, client commitments and industry standards. Performs deep-dive testing / monitoring of controls according to risk, documents results in GRC tool and escalates identified risk to TRM Senior Analyst and/or Management. Supports initiatives to educate Technology function owners and control performers on control requirements and associated risk of non-compliance.
Maintains control requirements library in GRC tool
Assists with technology risk assessments and reports on findings, consults on remediation plans, tracks status, aggregate results and report to Management
Performs deep-dive controls testing for high risk areas for independent validation of issues and remediation efforts
Supports initiatives to educate Technology functions on technology security and compliance requirements according to regulatory requirements, firm policy, data classification, client commitments, etc.
Provide recommendations for continuous improvements to the risk management process, controls monitoring and TRM program
Provide notification of updated controls requirements to technology functions due to regulatory and firm policy updates
Performs other job-related duties as assigned
Information Technology Services (ITS) helps power Deloitte s success. ITS is the engine that helps to drive Deloitte, which serves many of the world s largest organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.
The 2,200 professionals in ITS deliver services internally including:
Technology & Infrastructure
Application development and management
Relationship management group
For more information on ITS, you can visit our dedicated recruitment page at https://usrecruiting.deloitte.com/-its-recruiting-for-experienced-hires .
The Cyber Security team is responsible for vigilantly protecting Deloitte and client data. The team is responsible for a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.
Areas of focus include:
Risk & Compliance
Technology Risk Management
Identity & Access Management
Incident Response and Architecture
Category: Information Technology
As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.