Function: U.S. India AERS

Service Area: Technology Risk

Service Line/Market Offering: IT Risk Management

Work Location: Hyderabad / Delhi

Role/Job Description:

- Identify and evaluate business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement

- Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects

- Facilitate use of technology-based tools or methodologies to review, design, and/or implement products and services

- Understand clients- business environment and basic risk management approaches

- Demonstrate a general knowledge of market trends, competitor activities, Deloitte & Touche LLP products, and service lines

Key Skills:

- Excellent understanding of information security and risk frameworks/standards (ISO 27001/2, NIST 800 series, PCI-DSS, etc.)

- Exposure to legal and regulatory requirements around information security and data privacy such as OCC Bulletin 29, FFIEC, HIPAA Security/Privacy, etc. (preferred)

- Demonstrate knowledge of key risk areas such as cyber risk, compliance risk and regulatory risk

Demonstrate knowledge in one or more of the following cyber risk domains, including:

- Security Governance and Management

- Security Policies and Procedures

- Application Security Controls

- Access Controls

Experience: 2- 6 Years

Education: BE/BTech/MBA

About Deloitte:

- Deloitte- is the brand under which tens of thousands of dedicated professionals in independent firms throughout the world collaborate to provide audit, consulting, financial advisory, risk management, and tax services to selected clients. These firms are members of Deloitte Touche Tohmatsu Limited (DTTL), a UK private company limited by guarantee. Each member firm provides services in a particular geographic area and is subject to the laws and professional regulations of the particular country or countries in which it operates. DTTL and each DTTL member firm are separate and distinct legal entities. Each DTTL member firm is structured differently in accordance with national laws, regulations, customary practice, and other factors and may secure the provision of professional services in their territories through subsidiaries, affiliates, and/or other entities.

In the United States, Deloitte LLP is the member firm of DTTL. Services are primarily provided by the subsidiaries of Deloitte LLP, including:

- Deloitte & Touche LLP

- Deloitte Consulting LLP

- Deloitte Financial Advisory Services LLP

- Deloitte Tax LLP

In India, Deloitte LLP has the following indirect subsidiaries: Deloitte & Touche Assurance & Enterprise Risk Services India Private Limited, Deloitte Consulting India Private Limited, Deloitte Financial Advisory Services India Private Limited, Deloitte Tax Services India Private Limited and Deloitte Support Services India Private Limited. These entities, which together are referred to as Deloitte U.S. India offices, primarily render services to their respective US-based parents.

About U.S. India AERS : A collaborative venture between Deloitte & Touche LLP (U.S.) and Deloitte Haskins & Sells (India), U.S. India AERS provides Audit and Advisory services through a remote and integrated service delivery model. U.S. India AERS, a valuable extension of U.S. AERS organization, provides efficient service delivery for Audit and Advisory engagements. With strong capabilities in all the AERS Service Lines, U.S. India AERS professionals collaborate with client teams on projects across the spectrum of AERS engagements. U.S.India AERS operates from Hyderabad, Delhi and Bengaluru.

U.S. India Technology Risk

S&P professionals design, develop, and implement industry-leading information security solutions to help organizations protect their information and confidential data and to facilitate ongoing, secure, and reliable operations of their businesses and supporting technologies.

Deloitte's Vulnerability Management services helps organizations combat today's growing array of system threats. We help organizations assess their infrastructure, networks and application environments to identify vulnerabilities and control weaknesses. We develop and deploy the technical and architectural improvements necessary to reduce attack exposure.

Our Vulnerability Management services help organizations identify the technical and architectural improvements needed to minimise exposure to attacks. With our customised methodology, we assess the many aspects of risk to support identification of both internal and external facing threats. Using both commercial and proprietary tools, we conduct the following vulnerability assessments:

- External penetration testing

- Internal penetration testing

- Wireless penetration testing

- Web application testing

- System, application and network security diagnostic assessments

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.