Add office photos
Premium Employer
i
This company page is being actively managed by
Deloitte Team. If you also belong to the team, you
can get access from
here
Deloitte
CompareProud winner of ABECA 2024 - AmbitionBox Employee Choice Awards
All Filters
3 Deloitte Risk Management Jobs
Enabling Areas - IT Risk Management
2-6 years
Bangalore / Bengaluru
1 vacancy
Enabling Areas - IT Risk Management
Deloitte
posted 1mon ago
Job Role Insights
Flexible timing
Key skills for the job
Job Description
- Manage governance, risk, confidentiality, compliance for the enterprise and provide support to CISO office on security & compliance assurance.
- Work with technology team to establish and improvise security frameworks, policies, procedures.
- Work with application team for SSDLC implementation.
- Review contracts with clients and vendors
Responsibilities:
- Implementation, operation, and maintenance of the Information Security Management System based on standards like ISO/IEC 27000 series, ISO 22301, etc., as applicable.
- Develop, implement, and monitor enterprise information security program which would take account of Developing, maintaining, and publishing up-to-date information security policies, procedures, and guidelines.
- Facilitating the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings
- Ability to present and articulate how controls quantitatively impact risk and align information risk to business risk
- Contract / Engagement Letter review from Cybersecurity controls perspective
- Managing security incidents and events to protect corporate IT assets, regulated data, and the companys reputation.
- Overseeing the awareness training programs for all employees, contractors, and approved system users.
- Implementing processes related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations.
- Facilitating Internal & External Audits.
- Perform security reviews of critical business projects supporting Secure SDLC phases, compliance, and governance.
- Interface with application development team to drive secure initiatives, planning, and resolve issues and conflicts early and within development lifecycle.
- Facilitate secure engagement activities including security requirements, threat modelling, vulnerability analysis, and risk assessment.
As a prospective candidate, you should possess:
- Bachelors Degree in Information Technology.
- 12+ years in Information Security/ Cyber Security.
- Certifications in security demonstrating deep practical knowledge such as CISSP, CISA, CISM, ISO 27001 LA, ISO 22301 LA, etc.
- Basic understanding of various technologies such as programming languages, and applications.
- Good time management and multitasking skills.
- Ability to build healthy working relations.
We Value
- Secure software development lifecycle (SSDLC) experience.
- Information Risk Management including Technology Risk & Vendor IT Risk Assessment.
- Ability to identify and remediate issues early, analyse, and propose alternative solutions.
- Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders.
- Passion for achieving results and continual self-improvement.
- Experience and knowledge of Public Cloud Provider (e.g., Azure, AWS, GCP) security controls and capabilities.
- Deep understanding and experience of multi-layer security controls ensuring confidentiality, integrity, and availability.
- Experience with Identity and Access Management security solutions and protocols (e.g., SAML, OpenID, and OAuth).
- Knowledge of with security tools (e.g., SAST/DAST, SCA, vulnerability scanning, penetration testing).
- Knowledge of current and emerging security threats and techniques for exploiting security weaknesses.
- Knowledge and understanding of OWASP Top 10, including assessment and remediation strategy.
- Understanding of National and International regulatory and compliance standards.
Employment Type: Full Time, Permanent
Read full job descriptionPrepare for Risk Management roles with real interview advice
What Risk Management at Deloitte are saying
Rating based on 1 Risk Management
review
Anonymous · Other
in Mumbai Suburban
Likes
Good Learning, Great Opportunities, Environment and Culture, The place is good for women employees
- Salary - Good+5 more
Dislikes
Long Working Hours, Non CA .. think twice before you join
Risk Management salary at Deloitte
reported by
5
employees
₹6.6
L/yr - ₹13
L/yr
183%
more
than the average Risk Management Salary in India
View more details
What Deloitte employees are saying about work life
based on 17.1k employees
Flexible timing
Monday to Friday
No travel
Day Shift
Deloitte Benefits
Submitted by Company
Learning and Development Employee insurance Flexibility Code Corporate culture Sick leave benefit
Submitted by Employees
View more benefits 
Compare Deloitte with
Accenture
Compare
PwC
Compare
Ernst & Young
Compare
Cognizant
Compare
TCS
Compare
IBM
Compare
Amazon
Compare
Compare
Capgemini
Compare
Infosys
Compare
Microsoft Corporation
Compare
Wipro
Compare
JPMorgan Chase & Co.
Compare
Nagarro
Compare
Genpact
Compare
Barclays
Compare
Morgan Stanley
Compare
KPMG India
Compare
HCLTech
Compare
Oracle
Compare
Similar Jobs for you
Deloitte Bangalore / Bengaluru Office Locations
Bengaluru Office
Deloitte Touche Tohmatsu India Pvt. Ltd., Deloitte Centre Anchorage I & II, 100/2, Richmond Road, Langford Gardens
Bengaluru
Karnataka 560025
Karnataka 560025
Bengaluru Office
Deloitte, 100/2, Deloitte Centre, Anchorage II,Richmond Road
Bengaluru
Karnataka 560025
Karnataka 560025
Enabling Areas - IT Risk Management - Information Technology
2-6 Yrs
Bangalore / Bengaluru
Share an Interview