Confidentiality & Privacy Risk Manager - Technology Assessments
Confidentiality & Privacy is seeking an experienced Manager to contribute to strategic priorities and mitigation of confidentiality and privacy risks across the Deloitte US Firms. This role will primarily support the operational processes in evaluating technologies for confidentiality and privacy risks and may also participate in key strategic priorities. The successful candidate will be expected to quickly build subject matter expertise in the US Firms' confidentiality and privacy policies while providing impactful contributions to technology risk management. He or she will be expected to participate and manage confidentiality and privacy initiatives designed to safeguard confidential information and protect Deloitte's brand and reputation.
Recruiting for this role ends on December 2nd, 2024.
Work you'll do
Lead Confidentiality and Privacy Impact Assessments.Complete technical reviews for systems in development, being procured, or undergoing changes to evaluate for vulnerabilities and/or gaps in established controls, recommend mitigation measures. Updateandtrack activities methodically with relentless attention to quality, accuracy,and timeliness.
Conduct risk assessment of established and emerging technologies such as artificial intelligence, internet of things, and metaverse technologies, and follow-up on progress of remediation activities.
Review and advise on technical requirements, vendor solutions, and data protection features of applications and systems utilized and/or delivered by the Deloitte US Firms.
Serve as the subject matter expert who business teams can turn to and rely on for timely and impactful guidance regarding confidentiality, privacy, technology, and risk.
Coordinate with leadership and key stakeholders to prioritize and complete assessments.
Prepare and presentanalyses for leadership/management.
Develop in-depth understanding of the US Firms' businesses and enabling areas to provide quick response and guidance based on potential risks to Deloitte.
Lead projects to develop, implement or enhance the US Firms' confidentiality and privacy risk program.
Contribute to the design, development, and deployment of technology solutions to enhance confidentiality and privacy processes and mitigate risk.
The successful candidate will possess:
Demonstrated track record in sound judgment, investigation, strong attention to detail, and persistence in following/driving assessments to conclusion.
Excellent organizational, communications (oral and written), problem solving, and interpersonal skills.
Strong client service orientation - our stakeholders expect and deserve high quality work products and effective resolution of identified issues.
Executive presence, strong facilitation skills.
Remain calm while retaining your ability to influence others in high pressure situations.
Highly collaborative work ethic with demonstrated agility and strong teaming skills.
Strong project management skills exhibiting an ability to prioritize and multi-task across various initiatives and activities.
Quick and eager learner to apply new skills and technologies in a results-oriented manner.
Demonstrated track record of adding value through a combination of deep technical expertise, professional judgment, and process/program/project ownership.
Experience and proficiency in MS Office products to include Word, PowerPoint, Excel, and Teams.
The team
Managing risk across the Deloitte US firms is of utmost importance. As a manager in National Risk, you will help to proactively identify, mitigate, manage, and monitor risks. You will also have opportunities to contribute to strategic initiatives of the Deloitte US firms and interact with risk and business leaders. This interesting and diverse role provides an exciting opportunity for professional growth.
Qualifications: Required:
BA/BS in computer science, management information systems, cybersecurity, or related field or significant privacy industry experience required.
7+ years of related experience, including a minimum of 5 years in Risk Management, technology risk, privacy, or cyber security. Prior experience in project delivery or quality management strongly preferred.
Knowledge of technologies used to collect, share, access and use personal data such as cookies, web beacons, data warehouse, and web analytic and decision support software.
Experience with privacy platform software preferred.
Knowledge of U.S. privacy legislation such as HIPAA, CAN-SPAM, COPPA, FCRA, GLBA, stated privacy laws, state data breach laws and the capability to apply regulatory requirements within an operational context.
Working hours must allow for collaboration with colleagues in India and may require starting no later than 9:00 ET.
Limited immigration sponsorship may be available
Ability to travel 0-10%, on average, based on the work you do and the clients and industries/sectors you serve
Preferred:
Certified International Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT), Certified Information Security Systems Professional (CISSP), or Certified Information Systems Auditor (CISA) certification.
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $88,600to $181,900.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
EA_ExpHire
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.