Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with premier thought leaders in your fields? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture?
At Deloitte, we help bring client data to life to enhance the risk assessment process, reveal unexpected patterns and outliers and offer insights. The business world is complex and ever changing and, as a result, Deloitte is helping to redefine audit by infusing our approach with cutting-edge technologies, data analytics and visualizations, and transformative audit delivery models. Lead audit into the future by helping deliver a more dynamic picture to our clients that provides meaningful insights, empowers decision-making, and informs tomorrow's success.
Work you'll do
This position provides risk management and related support to the U.S. Audit & Assurance (A&A) Products and Solutions organization that develops and deploys innovative technology products and solutions to Deloitte's A&A business and its clients. This position is housed within the Technology Controls (TC) team, reporting to the Technology Controls Leader.
As a Technology Controls - Risk & Compliance Senior, you will be responsible for driving the day-to-day Technology Controls activities to effectively identify regulatory, legal and compliance risk exposures, with a focus on quality, data protection and security matters related to our innovative products and solutions, environments, and frameworks at all stages with the software development lifecycle (SDLC) (e.g., design, development and deployment). This exciting and challenging role invites you to drive quality as part of the SDLC and ideate ways to creatively solve challenges and increase quality.
Under the guidance and supervision of a Technology Controls Manager or Senior Manager, you will drive quality as part of the SDLC using established risk and control frameworks (such as SOX, Security, Privacy, Confidentiality, Third Party or SOC/ISAE) to ensure that development, hosting, deployment and other risk decisions comply with existing firm policies, professional standards, laws and regulations, and other internal and external requirements. You will collaborate with various groups (such as, internal product and IT groups, Deloitte's vendors and IT service providers, and Global risk, regulatory and privacy teams) and will be required to understand their roles and responsibilities in the overall IT control structure. Further, you will prepare and/or validate control-related aspects of product risk assessments and confidential information management plans, as well as assist other TRM team members with reviewing functional and nonfunctional requirements (i.e., user stories and acceptance criteria) and testing scripts to ensure alignment with controls requirements. Additionally, you will be responsible for testing Information Used in the Execution of Controls (IUC) across our portfolio of products and solutions.
The teamOur audits are fueled by more than just technology - what really sets us apart are our insightful professionals, collaborative culture, and commitment to innovation and continuous improvement. Our audit professionals apply a streamlined, intelligent approach to the audit, enabled by innovative tools and technologies. Quality is our top priority, and by focusing on innovation, we continue to raise the bar on quality and deliver greater value to our clients. Learn more about Deloitte Audit.
Required Qualifications:Candidates should have the following competencies and skills:
+ Bachelor's degree in Accounting, Accounting Information Systems, or other related degrees.
+ Minimum of 2-3 years of experience in audit or risk assurance, preferably with experience working on large and medium-size audits performed in accordance with the PCAOB standards, or internal audit experience on clients or companies that are subject to SOX compliance.
+ Strong internal controls and audit knowledge and prior experience reviewing and/or establishing business processes and controls in large public companies subject to PCAOB standards.
+ Ensure key deliverables (control testing, evaluation of test results, other items as requested, etc.) adhere to high quality standards.
+ Strong knowledge and understanding of, or the ability to learn, the regulatory requirements and professional standards involving the development, documentation, review, retention and archiving of evidence, including reproduction thereof for professional, legal or regulatory purposes.
+ Experience with establishing and/or reviewing controls over accuracy and completeness of key business reports (IUC).
+ Ability to apply concepts of risk assessment and professional skepticism.
+ Reasonable familiarity with audit or other regulatory technology applications.
+ Familiarity with data analytics and/or technology fueled by machine learning/AI.
+ Strong project management skills to keep multiple projects organized and deliver results under tight, demanding deadlines for a high-volume of products and releases while maintaining high-quality and precision.
+ Strong verbal and written communication skills.
+ Ability to challenge the status quo, and to identify untapped opportunities, alternate approaches, and creative solutions to audit products and solutions
+ Proactive approach and anticipation of potential challenges.
+ Work in cross-functional environments with professionals across Deloitte (non-auditors) and various geographic locations.
+ CPA/CA, CIA, CISA or CIPP required
+ Limited Immigration Sponsorship May be Availabile
+ Privacy certifications
+ Data quality and risk experience
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
- Accounting Information Systems
- Business Process Improvement
- Business Processes
- Certified Information Security Manager