Deloitte Jobs

Job Information

Deloitte Deloitte Risk & Financial Advisory Business Solution Analyst - Third Party Risk Management (Summer/Fall 2023) in Indianapolis, Indiana

Risk & Financial Advisory Business Solution Analyst - Third Party Risk Management

Unanticipated risks have great consequences for clients. That's especially true today as new risks and complexities brought on by regulatory mandates, rapidly evolving technologies, and the digitalization of business operations are disrupting traditional business models. Deloitte Risk and Financial Advisory's Hybrid-Operate teams deliver next-generation managed services and advanced technology products to help organizations solve complex problems on a long-term basis. Teams do this by bringing together advanced analytics, robust domain knowledge and experience, and strong technology products to help clients monitor, manage, and measure their operational environment for risk.

Given the ever-increasing size and complexity of third party ecosystems, our clients are increasing leveraging our firm's expertise to implement and operate a wide variety of Third Party Risk Management (TPRM) solutions designed to mitigate risks and drive more value in third party relationships. If you are seeking a role that offers exposure to these clients, Deloitte Risk and Financial Advisory's Cyber practice may be the place for you.

The work you perform will help you develop an understanding of:

  • the different third-party relationships an organization may have across different industries;

  • the drivers which affect behaviors of business partners, suppliers and customers; and

  • the operational processes and controls required by an organization to effectively manage and monitor its third-party relationships.

Work you will doThe responsibilities of a Business Solution Analyst are broad and may vary depending on your level of experience and skills. Responsibilities include but are not limited to:

  • Perform ongoing third-party cyber risk assessments to help clients identify and evaluate complex business and technology risks related to their third parties.

  • Comply with delivery SLA's and provide periodic status updates including potential risks and delays to the project delivery to project manager.

  • Perform validation of sub-controls with third parties as per the validation process set by Deloitte and generate the final report in English language.

  • Demonstrate excellent interpersonal and communication skills (written, verbal, and presentation)

  • Posess strong analytical and critical thinking/problem-solving skills

  • Strong computer skills, including good working knowledge of Microsoft Word, Excel, and PowerPoint

The teamThe Deloitte Advisory Third-Party Risk Management (TPRM) team, part of our Cyber Risk Services, works with some of the largest organizations in the world, across a variety of industries, to assist organizations in the development and operation of TPRM programs. Our client list includes eminent organizations across industries, e.g. technology, banking & financial services, media, healthcare, lifeciences, oil and gas, public sector and charities.

Our TPRM portfolios of services includes a broad variety of solutions for our clients, including designing and implementing broad third-party governance and risk management frameworks/processes, developing third-party risk and control assessments, and implementing managed services to improve/enhance an organization's TPRM program.

Qualifications:Required:

  • Bachelors and/or Masters degree in Math, Business, Cyber Security, Computer Science, Data Analytics or related field

  • Ability to travel up to 50%, on average, based on the work you do and the clients and undustries/sectors you serve

  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

Preferred:

  • Strong academic track record (GPA of 3.2 or above)

  • Basic understanding of information security and risk frameworks/standards (ISO 27001/2, NIST800 series, PCI-DSS, etc.)

  • Demonstrate knowledge of key risk areas such as cyber risk, compliance risk and regulatory risk

  • Demonstrate knowledge in one or more of the following cyber risk domains, including:

  • Security Governance and Management

  • Security Policies and Procedures

  • Application Security Controls

  • Access Controls

  • Network Security Operations

  • Identity Management

  • Disaster Recovery & Business Continuity

  • Incident Response

  • Risk Management

  • Privacy and Data Protection

  • Encryption

  • Knowledge of SOX and SSAE 16 would be an added advantage

For individuals assigned and/or hired to work in Colorado or Nevada, Deloitte is required by law to include a reasonable estimate of the compensation range for this role. This wage range is specific to the State of Colorado and the State of Nevada and takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $70,000 to $82,000.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

DirectEmployers