
Job Information
Deloitte Control & Risk Management Senior Consultant - Quality & Risk Management - Hybrid Operate in McLean, Virginia
Value Proposition
Deloitte Advisory's Hybrid-Operate portfolio is a strategic priority for the business and on track of becoming one of the fastest growing areas. It requires specialized team within QRM to focus on institutionalizing a control-based program to manage post-signature delivery and compliance risks.
Help us grow our HO Quality and Risk Management (QRM) organization by applying your experience of institutionalizing risk and control program in professional services industry
We are looking for an energetic and enthusiastic professional who can help us build and grow a large-scale quality & risk organization
If you are familiar with leading industry standards such as ITIL, NIST, SOC, CMMI, COBIT, and/(or) ISO, then this may be the right opportunity for you
It is a great opportunity for you to be a part of a growing segment in the Advisory business
You will be get an opportunity to work and collaborate with different business areas across Advisory, interacting with business leaders and service delivery specialists
Skills Required
5+ years of relevant work experience
Education: Bachelors in technology, business management or Information Systems (post graduate degree is a plus)
Direct experience with testing (design as well as operating effectiveness) of risk-based control program including both business and IT controls in a managed services and/(or) product organization. Strong technology understanding is key
In-depth understanding of risks and corresponding controls across multiple business domains - operations, service delivery, technology, IT infrastructure, finance, talent, third parties and regulatory compliance
Thorough knowledge and implementation experience of industry compliance standards and regulations; having exposure to at least one standard in each category is preferred (IT security standards such as NIST/ISO 27000/COBIT/CMMI (Dev); IT service management standards such as ITIL/CMMI (Service)/ISO 20000, System and Organization Controls standards such as SOC1/SOC2)
Experience working with a Governance, Risk & Compliance platform/tool is plus (such as ServiceNow GRC platform)
Prior experience of supporting quality function for the service/product organization/professional services
Must Have a good understanding of software development and software engineering concepts; hands-on service/product development and/(or) IT governance experience is plus
Must have good understanding of IT service management (ITSM) framework and ITSM tools; exposure to different ITSM tools such as ServiceNow and Jira is preferred
Experience with working and coordinating with the onshore/offshore teams
Should possess excellent written and oral communication skills
Ability to analyze complex problems, think creatively, communicate recommendations, influence change, and be able to drive process and structure to an extremely dynamic environment
Proven organizational skills, highly detail-oriented, with an ability to speak with conviction across all levels of the organization
Ability to work independently; candidate should be well organized, self-directed and a team player
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Ability to travel up to 5%
Key Job Responsibilities:
Work with business and product teams to complete comprehensive "As-Is" and "ongoing" risk control assessments. This will include analysis of existing business and IT controls for Design & Implement (D&I) effectiveness across multiple risk domains - operations, service delivery, technology, IT infrastructure, finance, talent, third parties and regulatory compliance; risk control assessment will also include reviewing key indicators, sample testing and conducting thematic reviews
Work with the solution and product teams to identify, articulate, and define controls based on solution specific or product specific requirements
Identify and escalate emerging risks to business teams and risk leaders, as appropriate. Collaborate with relevant lines of business, legal, and risk partners to identify, design and document new controls to mitigate emerging risks
Monitor contractual commitments and obligations compliance by periodically assessing effectiveness of contractual controls
Provide on-going coaching and guidance to the business & product teams on risk control framework to ensure there is a consistent understanding of the overall control and risk management program across HO portfolios
Monitor action planning, implementation and closure of remedial actions for observations identified through control and risk management program
Leverage use of analytics and technology to identify opportunities for converting manual controls to automated controls
Identify continuous improvement opportunities to drive effectiveness and efficiency. Collaborate with other solutions and products teams to drive synergies across the broader HO portfolios
Support implementation of technology or GRC (governance, risk and compliance) platform to implement control and risk management program with the goal of improving efficiency, improving agility and optimizing cycle time
Escalate issues, concerns and risk proactively with both internal and external stakeholders
Develop periodic reports based on risk control assessment; summarize testing results and observations to the business leadership team and other key stakeholders
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.