Manager - Risk Advisory/Cyber Risk - IT

Manager Risk Advisory Cyber Risk Pune

Work you'll do:

As a part of our Risk Advisory team, you'll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. You'll:

Role Description:

- ISMS or Third-Party Risk Assessments

- Lead engagement team in delivering client engagements

- Support Managers/AD/D in assessment/ audit execution, reporting, quality review and tracking

- Support Managers/AD/D in responding to RFP, proposals, new opportunities

- Lead discussions with client teams from various depts. Such as compliance teams, auditing and regulators to identify and document various requirements/obligations

- Flexible to step-in and perform work on ground such as conducting risk assessments and audits with respect to people, process and technology

- Act as subject matter expert (SME) for providing guidance and share knowledge with team members. Assist team members during engagements

- Should be able to work as independently on short term engagements

- Perform quality reviews of work performed by team members

Qualifications:

1. Relevant years of experience in Third party risk management

2. Relevant years of experience in IT Audits, Cloud security

3. Experience with ISO22301 implementation and audits

4. Preferred certifications CBCI / CBCP / ISO22301 LI or LA Offensive Security Certified Professional, CISA

Your role as a leader:

We believe in the importance of leadership at all levels. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters.

In addition to living our purpose, across our organization:

- Understanding of Third party/vendor/supplier risk management considerations

- Knowledge of Data Protection & Privacy related risks associated with Third-Party and relevant control frameworks for Third party risk management

- Excellent written/verbal communication

- Excellent documentation and presentation skills

- Highly motivated and willing to work in local and global environments

- Security certifications like CISSP, CISA, CISM, CEH, ISO27001

- Work experience in Infrastructure / Application Security

- Work experience in IT Audit

- Work experience in Cloud Security

- Work experience in Information Risk Management

- Work experience in Information Security or Cyber Security domains

- GRC tool experience like Archer, ServiceNow, OneTrust, ProcessUnity, Security Scorecard etc

How you'll grow:

At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to help build world-class skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs at Deloitte University, our professionals have a variety of opportunities to continue to grow throughout their career.