Summary
Position Summary
Cyber Strategy – Consultant - Solution Advisor
Deloitte’s Cyber Risk Services
help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise.Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms.
Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting.
Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license
Work you’ll do
As a professional working for Cyber Strategy and Risk Management, you will play a critical role in supporting the second line of defense by providing independent oversight, challenge, and guidance on cyber and technology risks across the organization. This role involves collaborating with business units, first line technology teams, and other risk functions to ensure effective identification, assessment, mitigation, and monitoring of risks in alignment with regulatory requirements and organizational risk appetite. You’ll:
- Targeted Risk Reviews
- Lead and support risk assessments of new and existing technology initiatives, products, and services.
- Conduct deep-dive risk reviews of IT and Cyber domains such as Identity & Access Management, Network Security, Incident Management, Data Protection etc.
- Advise business and IT stakeholders on risk mitigation strategies and control enhancements.
- Technology Risk Oversight
- Provide independent oversight and challenge to first line technology risk activities, controls, and remediation plans.
- Review and assess technology risk and control self-assessments (RCSAs), risk registers, and key risk indicators (KRIs).
- Monitor emerging technology risks (e.g., AI, quantum, etc.) and escalate as appropriate.
- Policy & Framework Review & Development
- Contribute to the development, maintenance, and enhancement of technology risk management frameworks, policies, and standards.
- Ensure alignment with regulatory expectations (e.g., FFIEC, NIST, ISO 27001) and industry best practices.
- Cyber Maturity Review & Challenge
- Review quarterly cyber maturity reviews performed by first-line and challenge the outcomes with clear reasoning.
- Reporting & Communication
- Prepare and present technology risk reports, dashboards, and insights for senior management and governance committees.
- Communicate complex technology risk concepts in clear, business-focused language.
The teamCyber Risk Services (CRS) group is part of the wider Technology Risk practice within Deloitte Advisory. We help“Fortune 500” clients solve business issues related to risk management, cyber threats, privacy, governance, business resilience & process improvements. Learn more about our Cyber Risk Services practice.Deloitte’s Cyber Strategy and Governance practice is focused on helping our clients to design and implement transformational programs to reduce and manage cyber threats. We help our clients to define their overall cyber strategy, design global, pan-enterprise programs that focus on mitigating threats, evaluate their objectives, priorities, strengths and weaknesses and roll out large scale organizational changes to achieve goals.
Qualifications And Experience
Required:
- Bachelor’s degree in information technology or relatedfield
- 3-5 years information securityexperience with 3+ years of experience in technology risk management
- Excellent verbal and writtencommunication
- Understanding and knowledge of industry standards and industry frameworks (e.g., COBIT, COSO, ISO 27001, PCI,NIST)
- Experience of implementing and operationalizing technology risk management programs.
- Understanding of security requirements, contributions to security design and hands-on implementation of multiple security technologies andcapabilities
- Hands-on experience working with stakeholders in identifying, prioritizing and developing plans and roadmaps for cyber securityprograms
- Broad domain knowledge and strong understanding of three or more cyber security domains including (but not limitedto):
- Cyber riskstrategy
- Cyber risk program management anddelivery
- Cyber securityoperations
- Securityarchitecture
- Dataprotection
- Applicationsecurity/SDLC
- Third party riskmanagement
- Cloudsecurity
- Cyber ThreatIntelligence
- Security OperationsCenter
- IncidentResponse
- CyberResilience
Preferred:
- B.E. / B.Tech + MBA (Preferred)
- CISSP / CRISC (orequivalent)
Our purpose
Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities.
Our people and culture
Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.
Professional development
At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India .
Benefits To Help You Thrive
At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you.
Recruiting tips
From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.Requisition code: 309892
