Deloitte Senior Manager, US Firms’ Incident Management Programs: US Office of Confidentiality and Privacy in Rosslyn, Virginia
The US Office of Confidentiality and Privacy (C&P), led by the Chief Confidentiality and Privacy Officer, is a steward for Deloitte's reputation. In that role, the C&P is responsible for the development and deployment of a comprehensive program to mitigate confidentiality and privacy risks across the Deloitte US Firms. The C&P is organized around strategic areas to assist and advise the US Firms' businesses and enabling areas mitigate their confidentiality and privacy risks in order to protect, preserve and enhance the reputation of Deloitte and our clients. These strategic areas include the following key programs driven by C&P:
• Insider Threat
• Policy, Regulatory & Data Governance
• Technology Assessments
• Incident Management
• Strategy and CI Program Direction
C&P is seeking an Experienced Manager with demonstrated success in risk management to join the team in assisting the US Firms manage the enterprise-wide confidentiality and privacy incident management program. The ideal candidate would be an established leader in risk management, with a track record of outstanding project management skills with strong judgement and investigation skills in managing time sensitive incidents, being very responsive and leading with a sense of urgency based on the severity of the incident. Integral to the success of the role is Executive Presence, excellent communication skills, ability to drive response activities and provide insights in a dynamic, highly collaborative environment working with business leaders across the organization.
Key responsibilities of this role include quickly building expertise in the US Firms confidential information (CI) incident management process, leading and facilitating teams to manage CI incidents to desired outcomes in an increasingly complex risk environment which span across businesses, geographic boundaries and regulatory compliance requirements. Strategic responsibilities include continuous enhancements of people, process and technologies, reporting and analytics and identification of emerging risks with mitigation strategies and presentations to leadership. With technology disruptions in the marketplace, being tech savvy with the ability to drive investigations from a business and a technology lens will be key to the success of the program leadership.
Develop solid understanding of the US Firms CI incident response process and practices
Serve as the Subject Matter Expert (SME); be seen as a leader who the Business and Enabling Area Risk Management teams can turn to, and rely on (readily available and accessible with a sense of urgency), for advice and resolution of confidentiality and privacy incidents
Develop core business understanding of the Businesses and Enabling Areas to provide timely response and guidance based on the nature of the incident and potential risks to Deloitte and our clients
Facilitate incident response activities across multiple teams, assist in developing a support model that allows for quick and decisive action and escalation of critical incidents
Ensure incidents are promptly and thoroughly investigated based on the critical nature and severity; be proactive and anticipate issues by leveraging investigative experience, providing insights, using sound judgment, and focusing on details that may not be obvious; draw on past similar incident experiences to apply consistent practices
Establish and maintain proactive communications with Business and Enabling Area Incident Management Leaders and key stake holders to drive incident follow-up until an incident is closed
Ensure incident records contain supporting evidence and documentation that is thorough, accurate and complete, drive response activities to timely resolution - maintain and improve 'days to close' metric.
Assist with projects/strategies to enhance the US Firms' incident management and preparedness based on emerging trends and risks.
Confidentiality & Privacy Strategic Initiatives
Participate in and lead projects to implement or enhance the US Firms' confidentiality and privacy programs. Activities may include development of training and awareness materials, completion of Privacy Impact Assessments, management of Data Subject Access Requests, or support for other high impact C&P initiatives.
Contribute to the design, development, and deployment of technology solutions to enhance confidentiality and privacy processes and mitigate risk.
Support confidentiality and privacy program assessments and system reviews of confidentiality & privacy risks.
Review and advise on technical requirements, vendor solutions, and data protection features of applications and systems utilized and/or delivered by the Deloitte US Firms.
Provide expertise and support to data analytics efforts to identify insights, potential risks, and mitigation strategies.
Professional and Technical skills
Essential to this role: Executive Presence, Program Leader with outstanding project management and communication skills, very responsive, sense of urgency, sound judgment, accessibility/availability, attention to detail, results/metrics driven, tech savvy, consultative leadership, team focus with excellent people management and interpersonal skills, continuous improvement mindset
Specific skills include:
Executive presence, outstanding organizational, communications (oral and written) and interpersonal skills
Strong client service mindset: must deliver quality; proven ability of driving issue to resolution in a timely manner
Demonstrated track record of consistently delivering results
Broad PPMD network; respected leader by PPMDs across the US Firms
Excellent professional judgment: ability to identify risks, escalate and execute with a sense of urgency
Precision and attention to detail with a relentless focus on persistent and timely follow-up
Ability to remain calm and in control, focused under pressure, and to influence others in a high-pressure situation
Accessibility / availability to respond to an unpredictable environment
Highly collaborative work ethic, committed to team success
Strong coaching and mentoring skills, good listener
Strong project management skills: ability to multi-task across various initiatives and activities
Strong process improvement skills with process documentation and preparation of leadership presentations
Outstanding investigation skills from a business, technology and risk lens
Work with, manage and accommodate colleagues in other time zones, flexibility to be on call for urgent matters
Quick learner, eager to learn new skills and technologies and apply them quickly to produce results
Experience supporting mission and time critical processes
Strong skills in MS PowerPoint and Excel, working knowledge of SharePoint
Certifications and Other Requirements:
Certified International Privacy Professional (CIPP) certification preferred
Proficiency in Analytics Tools (e.g., Tableau) and Collaboration Tools (e.g., SharePoint) a plus
Job location - virtual US role however some travel maybe required for meetings and trainings
Education and Experience
Bachelor's Degree: Master's or Juris Doctor required
20+ years of full-time work experience
15+ years of related experience (quality and risk management, incident response, investigations).
Direct experience in confidentiality and privacy, risk management, crisis/incident response, investigations.
Prior experience in professional services, risk management, client service, consulting services, preferably with Deloitte (established knowledge/experience with infrastructure and culture).
Demonstrated track record of adding value through a combination of deep technical expertise, professional judgment, and process/program/project ownership.
Limited immigration sponsorship may be available.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.