Deloitte leads with purpose, solving complex issues for our clients and communities. Across disciplines and across borders, Deloitte Global supports our network of member firms by developing and driving global strategy, programs, and platforms, and creating new solutions and transformational experiences. Our people share a passion for igniting change and a strong service orientation that shapes our organization and those it supports.
We are seeking a Certification Team Manager. This position is responsible for assisting the Senior Manager with delivery of Certification across the Global IT organization, more specifically the end-to-end delivery and maintenance of Global's industry standard framework assessments and certifications.
The incumbent works closely with the other Global technology groups, leadership and member firm technology teams to ensure effective operation of Deloitte controls via policy and standards. He/she is responsible for obtaining and maintaining certifications for the operations, security, infrastructure, shared services and applications, depending on the defined scope.
This Manager role requires skills that enable the individual to deliver a high level of service to the business and to meet control expectations in a highly available agile infrastructure. Knowledge of core, specialized and technical competencies is required, along with a very solid understanding of an enterprise IT infrastructure operational environment. The incumbent should be a subject matter expert in Information Security processes and standards, as well as industry standard audit frameworks (i.e., ISO, SOC, SOX).
Role Specific Responsibilities
Primary responsibilities include:
- Manage and continually improve the processes surrounding the ISMS (Information Security Management System)
- Assist in creation of monthly and quarterly reports and metrics related to the ISMS
- Attend bi-annual ISM Management Review meetings to executive committee.
- Attend and actively participate in the bi-weekly ISMS Forum meetings and assist in driving closure on all security related open items
- Liaise with GISO, Project Management and Global Digital Application Studios (GDAS) teams to ensure continued support of the ISMS and compliance to the security related processes
- Coordinate internal and external audits, including but not limited to ISO 27001, ISO 27017, ISO 27018 and SOC 2
- Manage the end-to-end Privacy Shield certification process for DTTL business process areas
- Liaise with the Global Privacy Office on GDPR conformance
- Support TME in Global Security initiatives, including standard development, Cyber Acceleration and Global Target Operating Model
- Responsible for execution of the Technology Risk Assessment Process for Global Technology, including risk awareness, risk assessment and risk treatment
- Ensure awareness and compliance with all Information Security Management System policies and standards.
- Report any breaches in information security or policies
- Coach others
- Cross-functional relationship management and support
- Assist in hiring, staffing, management, development, and retention of all reporting personnel
Knowledge Sharing / Documentation
- Contribute to, produce and maintain processes, procedures and operational documentation, and drive continual improvement initiatives to align technology risk posture to Deloitte's risk appetite.
- Train new staff in technical processes and procedures
Education (degree): Bachelor's Degree in Computer Science or other technology subject or equivalent industry experience.
Years of Experience: 4-7 years of technical leadership and management experience in a large global enterprise environment (ideally Microsoft-based). The candidate must have a strong audit, compliance, certification and/or infrastructure operations background. In addition, the incumbent should have experience executing internal and external audits.
Excellent communication and leadership skills.
- Core Microsoft infrastructure applications including but not limited to: Microsoft Windows Server Operating System, Exchange, IIS, SQL, System Center and other applications as deployed by the firm
- Demonstrates ability to influence decision-making through high level analysis and interpretation of data from multiple sources. Ability to critically analyze results to detect data errors, anomalies or conflicts. Relates analysis to business strategy and process.
- Ability to execute key operational and support processes, identify improvement opportunities and lead the development of the identified improvement and/or risk reduction efforts.
- Executes design activities and establishes standards / leading practices for service design activities
- Strong planning skills, demonstrating the ability to effectively execute and manage multiple activities, with minimal disruption to customers and within agreed upon requirements (product, financial, performance)
- Demonstrated knowledge and strong interest in keeping abreast of Information Technology trends, directions and emerging technologies/risks including systems/technologies integration and design/architecture
- Strong understanding of audit frameworks & technical standards.
- Professional Qualifications are preferred, including:
- Microsoft Qualifications
- Six Sigma
Location: Nashville (Hermitage), TN or Glen Mills, PA