Risk & Financial Advisory - Consultant - Third Party Risk Management
- Employer
- Deloitte
- Location
- Minneapolis
- Salary
- Competitive
View more
- Industry
- Financial Services and Banking
- Role
- Manager
- Job Type
- Long-Term
- Hours
- Full Time
You need to sign in or create an account to save a job.
Now hiring in Minneapolis, MN
Risk & Financial Advisory - Consultant - Third Party Risk Management
Unanticipated risks have great consequences for clients. That's especially true today as new risks and complexities brought on by regulatory mandates, rapidly evolving technologies, and the digitalization of business operations are disrupting traditional business models. Deloitte Risk and Financial Advisory's Hybrid-Operate teams deliver next-generation managed services and advanced technology products to help organizations solve complex problems on a long-term basis. Teams do this by bringing together advanced analytics, robust domain knowledge and experience, and strong technology products to help clients monitor, manage, and measure their operational environment for risk.
Given the ever-increasing size and complexity of third-party ecosystems, our clients are increasing leveraging our firm's expertise to implement and operate a wide variety of Third Party Risk Management (TPRM) solutions designed to mitigate risks and drive more value in third party relationships. If you are seeking a role that offers exposure to these clients, Deloitte Risk and Financial Advisory's Cyber practice may be the place for you.
The work you perform will help you develop an understanding of:
the different third-party relationships an organization may have across different industries;the drivers which affect behaviors of business partners, suppliers and customers; andthe operational processes and controls required by an organization to effectively manage and monitor its third-party relationships.Work you will do:Perform ongoing third-party cyber risk assessments to help clients identify and evaluate complex business and technology risks related to their third parties.Comply with delivery SLA's and provide periodic status updates including potential risks and delays to the project delivery to project manager.Perform validation of sub-controls with third parties as per the validation process set by Deloitte and generate the final report in English language.The successful Consultant will demonstrate the following attributes:Excellent interpersonal and communication skills (written, verbal, and presentation)Possess strong analytical and critical thinking/problem-solving skillsStrong computer skills, including good working knowledge of Microsoft Word, Excel, and PowerPointThe team:
The Deloitte Advisory Third-Party Risk Management (TPRM) team, part of our Cyber Risk Services, works with some of the largest organizations in the world, across a variety of industries, to assist organizations in the development and operation of TPRM programs. Our client list includes eminent organizations across industries, e.g. technology, mining, media, pharmaceuticals, oil and gas, public sector and charities.
Our TPRM portfolios of services includes a broad variety of solutions for our clients, including designing and implementing broad third-party governance and risk management frameworks/processes, developing third-party risk and control assessments, and implementing managed services to improve/enhance an organization's TPRM program.
Required Qualifications:1+ yrs of relevant experience in information securityWorking knowledge and understanding of information security and risk frameworks/standards (ISO 27001/2, NIST 800 series, PCI-DSS, etc.)Demonstrate knowledge of key risk areas such as cyber risk, compliance risk and regulatory riskExperience with internal controls, risk assessments, business process, and internal IT control testing or operational auditingDemonstrate knowledge in one or more of the following cyber risk domains, including:Security Governance and ManagementSecurity Policies and ProceduresApplication Security ControlsAccess ControlsNetwork Security OperationsIdentity ManagementDisaster Recovery & Business ContinuityIncident ResponseRisk ManagementPrivacy and Data ProtectionEncryptionAbility to travel 50%, on average, based on the work you do and the clients and industries/sectors you serveMust be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the futurePreferred Qualifications:Degree in Math, Business, Cyber Security, Computer Science, Data Analytics or related fieldCISSP/CISA (or equivalent)Experience with information security audit or assessmentsGood understanding of legal and regulatory requirements around information security and data privacy, such as OCC Bulletin 29, FFIEC, HIPAA Security/Privacy, etc.Prior consulting experienceKnowledge of SOX and SSAE 16 would be an added advantage
Risk & Financial Advisory - Consultant - Third Party Risk Management
Unanticipated risks have great consequences for clients. That's especially true today as new risks and complexities brought on by regulatory mandates, rapidly evolving technologies, and the digitalization of business operations are disrupting traditional business models. Deloitte Risk and Financial Advisory's Hybrid-Operate teams deliver next-generation managed services and advanced technology products to help organizations solve complex problems on a long-term basis. Teams do this by bringing together advanced analytics, robust domain knowledge and experience, and strong technology products to help clients monitor, manage, and measure their operational environment for risk.
Given the ever-increasing size and complexity of third-party ecosystems, our clients are increasing leveraging our firm's expertise to implement and operate a wide variety of Third Party Risk Management (TPRM) solutions designed to mitigate risks and drive more value in third party relationships. If you are seeking a role that offers exposure to these clients, Deloitte Risk and Financial Advisory's Cyber practice may be the place for you.
The work you perform will help you develop an understanding of:
the different third-party relationships an organization may have across different industries;the drivers which affect behaviors of business partners, suppliers and customers; andthe operational processes and controls required by an organization to effectively manage and monitor its third-party relationships.Work you will do:Perform ongoing third-party cyber risk assessments to help clients identify and evaluate complex business and technology risks related to their third parties.Comply with delivery SLA's and provide periodic status updates including potential risks and delays to the project delivery to project manager.Perform validation of sub-controls with third parties as per the validation process set by Deloitte and generate the final report in English language.The successful Consultant will demonstrate the following attributes:Excellent interpersonal and communication skills (written, verbal, and presentation)Possess strong analytical and critical thinking/problem-solving skillsStrong computer skills, including good working knowledge of Microsoft Word, Excel, and PowerPointThe team:
The Deloitte Advisory Third-Party Risk Management (TPRM) team, part of our Cyber Risk Services, works with some of the largest organizations in the world, across a variety of industries, to assist organizations in the development and operation of TPRM programs. Our client list includes eminent organizations across industries, e.g. technology, mining, media, pharmaceuticals, oil and gas, public sector and charities.
Our TPRM portfolios of services includes a broad variety of solutions for our clients, including designing and implementing broad third-party governance and risk management frameworks/processes, developing third-party risk and control assessments, and implementing managed services to improve/enhance an organization's TPRM program.
Required Qualifications:1+ yrs of relevant experience in information securityWorking knowledge and understanding of information security and risk frameworks/standards (ISO 27001/2, NIST 800 series, PCI-DSS, etc.)Demonstrate knowledge of key risk areas such as cyber risk, compliance risk and regulatory riskExperience with internal controls, risk assessments, business process, and internal IT control testing or operational auditingDemonstrate knowledge in one or more of the following cyber risk domains, including:Security Governance and ManagementSecurity Policies and ProceduresApplication Security ControlsAccess ControlsNetwork Security OperationsIdentity ManagementDisaster Recovery & Business ContinuityIncident ResponseRisk ManagementPrivacy and Data ProtectionEncryptionAbility to travel 50%, on average, based on the work you do and the clients and industries/sectors you serveMust be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the futurePreferred Qualifications:Degree in Math, Business, Cyber Security, Computer Science, Data Analytics or related fieldCISSP/CISA (or equivalent)Experience with information security audit or assessmentsGood understanding of legal and regulatory requirements around information security and data privacy, such as OCC Bulletin 29, FFIEC, HIPAA Security/Privacy, etc.Prior consulting experienceKnowledge of SOX and SSAE 16 would be an added advantage
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert