Deloitte Risk & Financial Advisory - Manager - Third Party Risk Management in Princeton, New Jersey

Risk & Financial Advisory - Manager - Third Party Risk Management

Unanticipated risks have great consequences for clients. That's especially true today as new risks and complexities brought on by regulatory mandates, rapidly evolving technologies, and the digitalization of business operations are disrupting traditional business models. Deloitte Risk and Financial Advisory's Hybrid-Operate teams deliver next-generation managed services and advanced technology products to help organizations solve complex problems on a long-term basis. Teams do this by bringing together advanced analytics, robust domain knowledge and experience, and strong technology products to help clients monitor, manage, and measure their operational environment for risk.

Given the ever-increasing size and complexity of third party ecosystems, our clients are increasingly leveraging our firm's expertise to implement and operate a wide variety of Third Party Risk Management (TPRM) solutions designed to mitigate risks and drive more value in third party relationships. If you are seeking a role that offers exposure to these clients, Deloitte Risk and Financial Advisory's Cyber practice may be the place for you.

The work you perform will help you develop an understanding of:

  • the different third-party relationships an organization may have across different industries;

  • the drivers which affect behaviors of business partners, suppliers and customers; and

  • the operational processes and controls required by an organization to effectively manage and monitor its third-party relationships.

As a Manager, this role will provide you with excellent potential for:

  • Playing a lead role in designated tasks of the project team in gathering, organizing and analyzing data

  • Making major contributions in assuring products/deliverables meet contract/work plan

  • Strong potential for growth and acceptance of additional responsibilities

Work you will do:

  • Lead multiple engagements in the delivery of third party risk assessment services, which include, but are not limited to, assessment execution, stakeholder management, risk reporting and process optimization, leveraging available tools

  • Advise and assist clients in developing their third party risk management programs, such as risk tiering methodology, risk assessment process flows, risk assessment questionnaires, and reports

  • Support the design and implementation of third-party risk operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks

  • Design policies and procedures that support the successful implementation of TPRM operating models

  • Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements

  • Consider the application of legal and regulatory requirements to company's risk management practices

  • Design technology enhancement requirements to support third-party risk management processes

  • Track and communicate engagement performance and planning to Deloitte engagement management, ensuring project milestones remain on track and are completed on time

  • Actively mentor and train team members on Third Party Risk Management processes, governance, and frameworks

  • Work cross-functionally with team members to support and drive a collaborative team environment

  • Create and design effective presentations as a means for communicating project and deliverable progress to clients

  • Perform sophisticated data analyses to understand client's business and identify risk

  • Execute advanced services and supervise staff in delivering basic services

  • Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects

  • Understand client's business environment and basic risk management approaches

  • Demonstrate a general knowledge of market trends, competitor activities, Deloitte & Touche's products and service lines

  • Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions

  • Generate innovative ideas and challenge the status quo

  • Build and nurture positive working relationships with clients with the intention to exceed client expectations

  • Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services

  • Identify opportunities to improve engagement profitability

The successful Manager will demonstrate the following attributes:

  • Ability to adopt a pragmatic approach to dealing with situations where confidentiality is important or where our work is of a sensitive nature

  • Independent thinker and resourceful problem solver with an ability to exercise mature judgment

  • Takes ownership and drives toward a successful outcome

  • Can see the big picture and naturally looks for what other client problems the team can solve

  • Ability to work independently and in teams to manage multiple task assignments

  • Strong oral and written communication skills; including presentation, interpersonal communication, and facilitation skills

  • Brings a genuine approach to day-to-day dealings that includes the highest ethical standard

  • Ability to manage multiple partners including external team

  • Ability to manage multiple stakeholders and maintain professional relationships

  • Acting as a leader in a team environment

Required Qualifications:

  • Bachelor's degree in information technology, math, business, cyber security, computer science, data analytics or related field

  • 5+ yrs of relevant experience in information security

  • Working knowledge and understanding of information security and risk frameworks/standards (ISO 27001/2, NIST 800 series, PCI-DSS, etc.)

  • Demonstrate knowledge of key risk areas such as cyber risk, compliance risk and regulatory risk

  • Demonstrate knowledge in one or more of the following cyber risk domains, including:

      • Security Governance and Management

      • Security Policies and Procedures

      • Application Security Controls

      • Access Controls

      • Network Security Operations

      • Security Architectures

      • Identity Management

      • Disaster Recovery & Business Continuity

      • Incident Response

      • Risk Management

      • Privacy and Data Protection

      • Encryption

  • Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing

  • Ability to travel 50%, on average, based on the work you do and the clients and industries/sectors you serve

  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

Preferred Qualifications:

  • Degree in Math, Business, Cyber Security, Computer Science, Data Analytics or related field

  • CISSP/CISA (or equivalent)

  • Experience with information security audit or assessments

  • 3+ years of project management experience on mid to complex projects required

  • Good understanding of legal and regulatory requirements around information security and data privacy, such as OCC Bulletin 29, FFIEC, HIPAA Security/Privacy, etc.

  • Prior consulting experience

  • Experience with internal controls, risk assessments, business process, and internal IT control testing or operational auditing

The team:

The Deloitte Advisory Third-Party Risk Management (TPRM) team, part of our Cyber Risk Services, works with some of the largest organizations in the world, across a variety of industries, to assist organizations in the development and operation of TPRM programs. Our client list includes eminent organizations across industries, e.g. technology, mining, media, pharmaceuticals, oil and gas, public sector and charities.

Our TPRM portfolio of services includes a broad variety of solutions for our clients, including designing and implementing broad third-party governance and risk management frameworks/processes, developing third-party risk and control assessments, and implementing managed services to improve/enhance an organization's TPRM program.

Deloitte Office

Anywhere in the US

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
