This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Risk & Compliance Manager
Deloitte - Kansas City, MO
posted about 2 months ago
About the position
The Risk & Compliance Manager at Deloitte is responsible for supporting audits and assessment programs within the Technology Cyber Security Risk & Compliance team. This role involves understanding and assessing technology and operational risks related to both internal and cloud technology solutions, as well as providing input on appropriate controls to mitigate those risks. The position serves as a liaison between internal and external auditors, ensuring compliance with various regulations and standards while managing remediation of identified risks and vulnerabilities.
Responsibilities
- Develop, manage, lead, and execute strategies and tasks associated with the ISO and TISAX security programs.
- Understand and assess technology and operational risks related to internal and cloud technology solutions.
- Design, recommend, plan, develop, and support implementation of project-specific security solutions.
- Recommend policies, standards, procedures, and controls to assure the confidentiality, integrity, and availability of the IT environment.
- Manage remediation of identified risks and vulnerabilities, tracking progress and providing reporting.
- Represent Information Technology in internal and external assessments and audits, interpreting results and developing recommendations.
- Participate in continuing education and professional organizations to stay current in information security.
- Work with various departments to determine the scope of onsite visits, audits, and assessments.
- Develop and recommend information security policies, standards, procedures, and guidelines.
- Develop risk/vulnerability assessment programs and questionnaires to identify and mitigate security risks.
Requirements
- Bachelor's degree or equivalent in Computer Science, Business Administration, or Information Systems.
- Minimum 6 years of directly related experience in managing IT audits, assessments, and remediation management.
- Minimum 2 years of experience with industry standard frameworks such as ISO 27001, SSAE 18 SOC 1 and SOC 2, HIPAA, HITRUST, etc.
- Minimum 1 year of previous people leadership or project management experience.
Nice-to-haves
- Master's Degree in Information Security, Information Protection, or related fields.
- Industry certifications such as CISA, CISSP, CISM.
- Familiarity with privacy laws and data protection/security regulations.
- Experience with Archer Policy/Compliance Management tool.
- General understanding of underlying infrastructure architecture including cloud security.
Benefits
- Competitive salary range of $93,000 - $191,000.
- Limited immigration sponsorship may be available.
