Cloud Compliance Senior Analyst

Deloitte Tampa , FL 33602

Posted 2 weeks ago

Position Summary

Are you passionate about technology and interested in joining a community of collaborative colleagues who respectfully and courageously seek to challenge the status quo? If so, read on to learn more about an exciting opportunity with Deloitte's Information Technology Services (ITS). We are insatiably curious and life-long learners focused on technology and innovation.

Work you'll do

Become a part of the expanding Cloud Compliance team where you will have the opportunity to create an impact by ensuring that Technology and Infrastructure IT controls are implemented, efficient, monitored, and sustainable. Will serve as a strategist, consultant, and implementer to achieve streamlined activities within the organization based on urgency and priority. Deliver insight and make recommendations to help Cloud Compliance Assurance & Resilience (C-CAR) achieve the vision and strategic deliverables for the organization.

  • Design, implement, maintain, and improve programs to address key company risks and prepare internal teams against a wide variety of regulatory and compliance frameworks (ISO 27001, SOC 2, HiTrust, ISO 27018, ISO 22301, FedRAMP, etc.)

  • Assist in driving automation efforts for cloud compliance.

  • Provide operational and administrative support to the Cloud Compliance Assurance & Resilience (C-CAR) Leader and Senior Leads. Develop and maintain an effective and efficient system for managing the needs and requirements of the C-CAR Leadership team

  • Assist ITS Finance with initiatives to measure the Total Cost of Ownership of ITS Services

  • Direct, manage and coordinate team member activities and expectations, including collaboration with all project stakeholders from Business areas, internal and external consultants, contractors, and vendors

  • Facilitate ongoing risk and compliance initiatives and monitor control effectiveness.

  • Analyze data and provide reporting tailored to various audiences according to complexity, risk and stakeholder reporting requirements

  • Work collaboratively with cloud team leads to develop and refine existing controls and processes

  • Liaison with other member firms on C-CAR projects

  • Work with the reporting team to ensure the creation of dashboards and presentations that market and inform of the value and opportunities to educate and inform Leaders, customer and clients.

  • Ability to prioritize and manage competing priorities

  • Arrange essential materials as needed to help expedite response and/or actions needed to achieve goals

The team

Information Technology Services (ITS) helps power Deloitte's success. ITS is the engine that helps to drive Deloitte, which serves many of the world's largest organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.

The ~2,200 professionals in ITS deliver services internally including:

  • Cyber security

  • Technology support

  • Technology & Infrastructure

  • Application development and management

  • Relationship management group

  • Strategy

  • Deployment

  • PMO

  • Financials

  • Communications

Technology & Infrastructure

The Technology and Infrastructure Organization works together to transform how ITS deploys technologies and services to meet the dynamic needs of Deloitte professionals and help increase their productivity.

Qualifications

  • 5+ years of experience in internal or external compliance related work

  • Strong familiarity with a broad range of technical concepts relevant to cloud computing environments: logical access control, agile development process, software development life cycle, security architecture, information security, and network security

  • CISA, CISSP, CCSK, or other professional certifications preferred.

  • Strong business operations or project management experience preferred

  • Excellent written and verbal communications skills required. Must be able to easily grasp and communicate complex ideas

  • Ability to work strategically and collaboratively across departments

  • Experience with Microsoft tools - Word, Outlook, Excel and PowerPoint.

  • Expert problem solver. Leverages knowledge gained through prior experience, education, training to resolve issues and remove project barriers

  • Advise and coach on strategic, organizational, and communications matters

  • Fosters a climate conducive to establishing positive working relationships with clients (internal and external)

  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

EA_ExpHire

EA_ITS_ExpHire

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

Benefits

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

Our people and culture

Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture.

Professional development

From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

As used in this posting, "Deloitte" means Deloitte Services LP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Deloitte will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws. See notices of various ban-the-box laws where available.

Requisition code: 68719

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Risk And Compliance Analyst

Deloitte

Posted 1 week ago

VIEW JOBS 1/14/2022 12:00:00 AM 2022-04-14T00:00 Position Summary Job Summary Senior level analyst role providing knowledge to support the programs of Technology Risk & Compliance which include responding to client inquiries, reviewing contracts for security requirements, risk management, and compliance management. This position is specifically responsible for responding to complex client inquiries in relation to Deloitte's non-proprietary security controls for on prem as well as cloud infrastructure and helping with onsite visits and audits. In addition, this position will provide support for audits, including gathering and discussing evidence and managing remediation responses and activities. Responsibilities * Execute tasks associated with complex client inquiries, client security contracts/addendums, audits, and assessments as required for client contractual, regulatory and compliance obligations. Provides in-depth recommendations to resolve issues. * Work with the appropriate Cyber Security, Office of General Counsel, Risk Management, Audit, and Engagement Leaders to: * Provide approved responses to client inquiries and maintain library of records, documentation, and responses * Represent the Cyber Security, Risk & Compliance team on input to contract requirements relating to information technology and security controls * Help determine scope of onsite visits, audits, and assessments as defined by contracts and regulatory requirements * Recommend and help develop appropriate information security policies, standards, procedures, checklists, and guidelines using generally-recognized security concepts tailored to meet the requirements of the organization * Help identify security risks in the hardware, software, and systems used by the organization * Liaison with external auditors and internal control owners to support various internal and external audits/assessments such as SSAE 18 SOC 1, SOC 2, ISO 27001, HIPPA, HITRUST, cloud security alliance (CSA) and AUP * Prepare Information Technology Services (ITS) in information technology assessments and/or audits of IT systems, processes, and general IT controls. Interpret results and develop and communication recommendations to management * Assist with tasks to remediate identified risks and vulnerabilities; identify those within the organization responsible remediation tasks and negotiate dates for remediation to be complete; track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituents. * Uses acquired knowledge to handle technology and operational risks to the Information Technology Services organization as well as related laws, regulations, and industry standards, specifically as related to internal technology solutions; work with others to help promote effective management of identified risks in accordance with the Risk Management program. * Assess and recommend policies, standards, procedures, controls, and security solutions to assure the confidentiality, integrity, and availability of the information technology environment. * Participate in continuing education opportunities to remain current on developments in the information security and audit professions. * May provide support to efforts on special projects. * Other duties as assigned Decision Making/Judgment Required * Self-starter, works with minimal supervision * Able to identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders Required Technical Skills: * Experience with Offshore Development Centers and Security Operations Centers related to operations and controls a plus * Knowledge of privacy principles, data protection/security regulations, and frameworks, such as ISO 27001, 27002, Agreed Upon Procedures, SSAE 18 SOC 1 and SOC 2, HIPAA, HITRUST, cloud security fundamentals and COBIT a plus * Possess a general understanding of underlying infrastructure architecture including WANs, LANs, Internet, intranets, cloud computing, and communication protocols such as TCP, UDP, and IPSEC Required Licenses, Certifications, and Other Requirements * CISA or CISSP or CCSP preferred * Consulting skills (client service orientation, conflict resolution, analysis/synthesis of information, negotiation, project management, security contracts, etc.) * Negotiation skills needed to obtain commitments to remediate risks and vulnerabilities from leadership of other teams * Familiar with and able to apply generally-accepted security methods, concepts and techniques * Excellent communication, listening, and facilitation skills * Excellent time management and related organizational skills, including appropriate sense of urgency, dependability, a proactive approach, and a suitable ability to anticipate and manage multiple project lifecycle events, issues and obstacles Education & Experience * 5 years of information security experience. Bachelor's degree (e.g., Information Security, Information Protection, Computer Information Systems, Computer Science, Computer Engineering, Information Systems Management) or equivalent educational or professional experience and/or qualifications. * 3+ years of experience with information technology audits and assessments for on prem and could infrastructure preferred EA_ExpHire EA_ITS_ExpHire Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture. Professional development From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. As used in this posting, "Deloitte" means Deloitte Services LP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. Deloitte will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws. See notices of various ban-the-box laws where available. Requisition code: 68713 Deloitte Tampa FL

Cloud Compliance Senior Analyst

Deloitte