Job Title:  Enabling Areas - IT Risk Management - Information Technology

Job requisition ID ::  50741
Date:  Feb 4, 2023
Location:  Mumbai - IThink
Designation:  Manager
Entity: 

What impact will you make? 

 

Every day, your work will make an impact that matters, while you thrive in a dynamic culture of inclusion, collaboration, and high performance. As the undisputed leader in professional services. Deloitte is where you’ll find unrivaled opportunities to succeed and realize your full potential.

 

Work you’ll do

 

  • Manage governance, risk, confidentiality, compliance for the enterprise and provide support to CISO office on security & compliance assurance.
  • Work with technology team to establish and improvise security frameworks, policies, procedures.
  • Work with application team for SSDLC implementation.
  • Review contracts with clients and vendors

 

Responsibilities:

 

  • Implementation, operation, and maintenance of the Information Security Management System based on standards like ISO/IEC 27000 series, ISO 22301, etc., as applicable.
  • Develop, implement, and monitor enterprise information security program which would take account of Developing, maintaining, and publishing up-to-date information security policies, procedures, and guidelines.
  • Facilitating the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings
  • Ability to present and articulate how controls quantitatively impact risk and align information risk to business risk
  • Contract / Engagement Letter review from Cybersecurity controls perspective
  • Managing security incidents and events to protect corporate IT assets, regulated data, and the company's reputation.
  • Overseeing the awareness training programs for all employees, contractors, and approved system users.
  • Implementing processes related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations.
  • Facilitating Internal & External Audits.
  • Perform security reviews of critical business projects supporting Secure SDLC phases, compliance, and governance.
  • Interface with application development team to drive secure initiatives, planning, and resolve issues and conflicts early and within development lifecycle.
  • Facilitate secure engagement activities including security requirements, threat modelling, vulnerability analysis, and risk assessment.

 

As a prospective candidate, you should possess:

 

  • Bachelor's Degree in Information Technology.
  • 12+ years in Information Security/ Cyber Security.
  • Certifications in security demonstrating deep practical knowledge such as CISSP, CISA, CISM, ISO 27001 LA, ISO 22301 LA, etc.
  • Basic understanding of various technologies such as programming languages, and applications.
  • Good time management and multitasking skills.
  • Ability to build healthy working relations.

 

We Value

 

  • Secure software development lifecycle (SSDLC) experience.
  • Information Risk Management including Technology Risk & Vendor IT Risk Assessment.
  • Ability to identify and remediate issues early, analyse, and propose alternative solutions.
  • Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders.
  • Passion for achieving results and continual self-improvement.
  • Experience and knowledge of Public Cloud Provider (e.g., Azure, AWS, GCP) security controls and capabilities.
  • Deep understanding and experience of multi-layer security controls ensuring confidentiality, integrity, and availability.
  • Experience with Identity and Access Management security solutions and protocols (e.g., SAML, OpenID, and OAuth).
  • Knowledge of with security tools (e.g., SAST/DAST, SCA, vulnerability scanning, penetration testing).
  • Knowledge of current and emerging security threats and techniques for exploiting security weaknesses.
  • Knowledge and understanding of OWASP Top 10, including assessment and remediation strategy.
  • Understanding of National and International regulatory and compliance standards.

 

Your role as a leader:

 

At Deloitte India, we believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters.

In addition to living our purpose, assistant managers across our organization:

  • Build their own understanding of our purpose and values and explore opportunities for impact
  • Demonstrate strong commitment to personal learning and development; act as a brand ambassador to help attract top talent
  • Understand expectations and demonstrate personal accountability for keeping performance on track
  • Actively focus on developing effective communication and relationship-building skills
  • Understand how their daily work contributes to the priorities of the team and the business
  • Support the team whenever required

 

How you’ll grow

 

At Deloitte, our professional development plan focuses on helping people at every level of their career identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help build world-class skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career. Explore Deloitte University, The Leadership Center.

 

Benefits

 

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

 

Our purpose                                                                                                                

                                                                                                              

Deloitte is led by a purpose: To make an impact that matters.

Every day, Deloitte people are making a real impact in the places they live and work. We pride ourselves on doing not only what is good for clients, but also what is good for our people and the communities in which we live and work—always striving to be an organization that is held up as a role model of quality, integrity, and positive change. Learn more about Deloitte's impact on the world

 

Recruiter tips

 

We want job seekers exploring opportunities at Deloitte to feel prepared and confident. To help

you with your interview, we suggest that you do your research: know some background about the

organization and the business area you’re applying to. Check out recruiting tips from Deloitte

professionals.