Deloitte Technology Cybersecurity - Assistant Manager, Security Inquiry Response Centre (SIRC)

Posted 18 days 16 hours ago by Deloitte LLP

Permanent
Full Time
I.T. & Communications Jobs
Not Specified, United Kingdom
Job Description
Overview

As a SIRC Senior Analyst within Deloitte Technology's Cybersecurity, Governance, Risk and Compliance team, you will play a pivotal role in addressing client security inquiries for our member firms, clients and regulators.

Responsibilities
  • Address member firm, client, regulatory and audit related information security requests.
  • Identify, gather and pre populate responses using Standard Answer Banks (SABs).
  • Determine remaining questions needing consultation with Management, Client Security Leads (CSLs) or Subject Matter Experts (SMEs).
  • Ensure the quality and consistency of work performed by other team members.
  • Assign and plan tasks for other team members.
  • Highlight and address issues in SABs and assist with their maintenance, improving quality of responses and expanding scope as necessary.
  • Support service queue and mailbox rotation for consistent coverage.
  • Analyze and evaluate security requests, internal/external assessments, and audits.
  • Coordinate internal/external audit requests, including scoping, data gathering and refinement.
  • Assist with evidence gathering and sanitization activities.
  • Build strong relationships with internal stakeholders and maintain regular communication with the management team, member firm CSLs and various SMEs to improve deliverable quality.
  • Contribute to the development of best practices and stay up to date on global security policies, standards and technology.
Qualifications
  • Bachelor's Degree or higher in business administration (or equivalent), a technology related field, or equivalent experience.
  • Relevant demonstrated experience in applying leading practices in a large scale Information Security.
  • Basic knowledge of Information Systems Security, cyber security, IT auditing, IT risk management and compliance and/or vendor security risk management.
  • Working knowledge of various IT risk frameworks, methodologies, leading industry/assurance standards and regulations, as well as attestation reporting frameworks, such as the ISO family of standards (27001/2, ISO 22301, ISO 27017, etc.), NIST, COBIT, SOC2 reporting framework.
  • Basic knowledge of GRC tools (e.g., ServiceNow).
  • Strong analytical and problem solving skills.