Senior Analyst, Security Policies And Standards Exception Management

Deloitte & Touche L.L.P. Chicago , IL 60602

Posted 5 months ago

Overview of the Role

Deloitte leads with purpose, solving complex issues for our clients and communities. Across disciplines and across borders, Deloitte Touche Tohmatsu Limited (DTTL) Global supports our network of national member firms by developing and driving global strategy, programs, and platforms, and creating new solutions and transformational experiences. Our people share a passion for igniting change and a strong service orientation that shapes our organization and those it supports.

The Deloitte Global Cybersecurity function is responsible for the firm's overall objectives of enhancing data protection, standardizing and securing critical infrastructure and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of cybersecurity services to Deloitte member firms through regional delivery hubs and a Global Fusion Center. We are seeking a Senior Analyst, Security Policies and Standard Exception Management to join the team.

The position reports to the Senior Manager, Security Policies and Standards Exception Management. The role has a primary focus to:

  • Conduct evaluations of exception requests by reviewing policy requirements, security standards, system and member firm architecture, designs and material

  • Make informed risk analysis and decision based on identified information security issues

Responsibilities

As part of the Global Cybersecurity team, this professional will have the following responsibilities:

Operational

  • Perform exception analysis including gathering all relevant rationale, costs/constraints, and risks

  • Develop exception report and recommendation

  • Assist in presenting exception recommendations to senior cybersecurity, risk, and technology leadership

Relationship Management

  • Develop and maintain relationships with primary exceptions management leaders in member firms

  • Participate in security policies and standards exception management working group

Expectations from the Professional

Our purpose is to make an impact that matters and our aspiration is to be the undisputed leader in professional services. At the root of these goals are our Shared Values, which describe the distinctive Deloitte culture. Our Values are timeless, all-encompassing and embrace the cultures in which Deloitte member firms operate. We expect all professionals to live our purpose and shared values and be the brand ambassadors holding Deloitte Global and member firms together.

Integrity

At Deloitte, everything we do starts with integrity. In our marketplace, nothing is more important than our reputation and, accordingly, we commit to conducting business with honesty, distinctive quality, and high levels of professional behavior.

Outstanding value to markets and clients

We play a critical role in helping both the capital markets and our member firm clients operate more effectively. We consider this role a privilege, and we know it requires constant vigilance and unrelenting commitment.

Commitment to each other

We are proud of our culture of borderless collegiality and work hard to support our people. We strive to create an inclusive environment that reflects our strong, clear expectations about diversity, respect, and fair treatment.

Strength from cultural diversity

Our member firm clients' business challenges are complex and benefit from the innovation and varied perspectives that our practitioners bring. We understand that working with people of different backgrounds, cultures, and thinking styles helps our people grow into better professionals and leaders.

Education

  • Bachelor's degree: degree in business administration, a technology-related field, or equivalent education-related experience

Work experience

  • Minimum of 5 years of combined experience in the Information Security / Cybersecurity domain with a focus on cybersecurity governance and risk management

  • At least one years' experience in security policies and standards exception management or other security risk management function

  • Experience with ServiceNow, Archer, or other exceptions management tools is preferable

Certification

  • Professional security management certification desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials

Skills/abilities

  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels

  • Sound knowledge of business management and an expert knowledge of information / cybersecurity risk management and governance

  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework

  • Ability to travel as needed up to 10%

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site (jobs2.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at jobs2.deloitte.com

Requisition code: DE19GLBGTS004JD1701


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
IT Security Policies And Exception Management Senior Analyst

Deloitte & Touche L.L.P.

Posted 5 days ago

VIEW JOBS 7/12/2019 12:00:00 AM 2019-10-10T00:00 Overview of the Role Deloitte leads with purpose, solving complex issues for our clients and communities. Across disciplines and across borders, Deloitte Touche Tohmatsu Limited (DTTL) Global supports our network of national member firms by developing and driving global strategy, programs, and platforms, and creating new solutions and transformational experiences. Our people share a passion for igniting change and a strong service orientation that shapes our organization and those it supports. The Deloitte Global Cybersecurity function is responsible for the firm's overall objectives of enhancing data protection, standardizing and securing critical infrastructure and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of cybersecurity services to Deloitte member firms through regional delivery hubs and a Global Fusion Center. We are seeking a Senior Analyst, Security Policies and Standard Exception Management to join the team. The position reports to the Senior Manager, Security Policies and Standards Exception Management. The role has a primary focus to: * Conduct evaluations of exception requests by reviewing policy requirements, security standards, system and member firm architecture, designs and material * Make informed risk analysis and decision based on identified information security issues Responsibilities As part of the Global Cybersecurity team, this professional will have the following responsibilities: Operational * Perform exception analysis including gathering all relevant rationale, costs/constraints, and risks * Develop exception report and recommendation * Assist in presenting exception recommendations to senior cybersecurity, risk, and technology leadership Relationship Management * Develop and maintain relationships with primary exceptions management leaders in member firms * Participate in security policies and standards exception management working group Expectations from the Professional Our purpose is to make an impact that matters and our aspiration is to be the undisputed leader in professional services. At the root of these goals are our Shared Values, which describe the distinctive Deloitte culture. Our Values are timeless, all-encompassing and embrace the cultures in which Deloitte member firms operate. We expect all professionals to live our purpose and shared values and be the brand ambassadors holding Deloitte Global and member firms together. Integrity At Deloitte, everything we do starts with integrity. In our marketplace, nothing is more important than our reputation and, accordingly, we commit to conducting business with honesty, distinctive quality, and high levels of professional behavior. Outstanding value to markets and clients We play a critical role in helping both the capital markets and our member firm clients operate more effectively. We consider this role a privilege, and we know it requires constant vigilance and unrelenting commitment. Commitment to each other We are proud of our culture of borderless collegiality and work hard to support our people. We strive to create an inclusive environment that reflects our strong, clear expectations about diversity, respect, and fair treatment. Strength from cultural diversity Our member firm clients' business challenges are complex and benefit from the innovation and varied perspectives that our practitioners bring. We understand that working with people of different backgrounds, cultures, and thinking styles helps our people grow into better professionals and leaders. #GLBStratGov Education * Bachelor's degree: degree in business administration, a technology-related field, or equivalent education-related experience Work experience * Minimum of 5 years of combined experience in the Information Security / Cybersecurity domain with a focus on cybersecurity governance and risk management * At least one years' experience in security policies and standards exception management or other security risk management function * Experience with ServiceNow, Archer, or other exceptions management tools is preferable Certification * Professional security management certification desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials Skills/abilities * Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels * Sound knowledge of business management and an expert knowledge of information / cybersecurity risk management and governance * Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework * Ability to travel as needed up to 10% All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status, or any other legally protected basis, in accordance with applicable law. Disclaimer: Nothing in this job description/posting shall constitute an offer or promise of employment. If you are not reviewing this job posting on our Careers' site (jobs2.deloitte.com) or one of our approved job boards we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at jobs2.deloitte.com Requisition code: DE19GLBGTS004JD1700 * * * * * * Deloitte & Touche L.L.P. Chicago IL

Senior Analyst, Security Policies And Standards Exception Management

Deloitte & Touche L.L.P.