Assistant Manager, Insider Threat, Deloitte Business Security, QRS, Enablin

at  Deloitte

REQ #

17168
Job description

CONNECT TO YOUR INDUSTRY

Do you have a naturally inquisitive mind? Do you see a challenge instead of a problem? Do you enjoy working through complex challenges, and do you have an interest in people risk and security and want to learn more? Are you a people person? Then this is the role for you. We are looking for a assistant manager to join the Insider Threat team. You will be helping the team safeguard Deloitte’s data brand and reputation, as well as manage the complex personnel risks Deloitte face daily, and you’ll be able to make an impact that matters and drive positive security change.
We are proud to offer flexible working arrangements which allow our people to choose the most suitable working arrangement that works for them. Whether this is working 4 days per week, taking the summer months off work, or more flexibility around your working pattern, we consider both formal and informal working arrangements that allow our people and our clients the best outcome.
If you would like to hear more about our flexible working arrangements, please let us know.
Connect to your career at Deloitte
Deloitte drives progress. Using our vast range of expertise, we help our clients’ become leaders wherever they choose to compete. To do this, we invest in outstanding people. We build teams of future thinkers, with diverse talents and backgrounds, and empower them all to reach for and achieve more.
What brings us all together at Deloitte? It’s how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for measurable impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most.

CONNECT TO YOUR OPPORTUNITY

Our Insider Threat team focusses on the risks associated with our people and their use of technology. We are tasked with preventing, detecting and responding to incidents involving Deloitte personnel. As an Asset & Data Loss Manager you would be responsible for:

• Working closely with HR and internal clients to ensure consistent and proportionate management approach for dealing with the results of an investigation.
• Working closely with specialist teams throughout Quality, Risk & Security, Technology & Digital Services and Human Resources to protect the firm’s brand and reputation and promote a positive security culture
• Assisting colleagues in Financial Crime, Ethics and Employee Relations teams in conducting sensitive investigations
• Keeping up to date with external insider threat cases and trends to help safeguard Deloitte and our people
• Using state of the art user behaviour analytics software to safeguard our brand and reputation
• Implementing our Insider Threat strategy, identifying risk areas and seeking opportunities for mitigation and continuous improvement
• Developing and implementing security policies and procedures to protect the company’s assets and data from loss, theft, or damage.
• Developing and maintaining relationships with key stakeholders, including senior management, business unit leaders, and external partners.
• Working with stakeholders to develop and implement security policies and procedures that align with business objectives and regulatory requirements.
• Coordinating the response to data loss incidents, including interviewing investigations subjects, managing stakeholder expectations and providing recommendations for remediation
• Working effectively in diverse teams within an inclusive team culture where people are recognised for their contribution
• Assessing and implementing lessons identified through actual incidents and training packages delivered to the business

CONNECT TO YOUR SKILLS AND PROFESSIONAL EXPERIENCE

Essential:

• Experience of and demonstrable interest in working in the areas of Risk Management and/or compliance.
• Experience of understanding and evaluation of security requirements and corresponding controls (technical, physical, and administrative).
• Ability to work under own initiative and effectively prioritise workloads under pressure, where appropriate escalating issues in a timely manner
• Ability to effectively communicate business and technical risk to varied audiences, strong stakeholder management skills, and to understand technology systems and applications from both a technical and business function perspective. We have diverse and global teams that we work alongside and collaborating positively with them is critical to our shared success
• Problem solving – understanding that sometimes there isn’t a simple answer to some of the challenges we face, but having the ability to empathise with others, be pragmatic and take a risk-based approach to problems can enable the business to overcome those challenges and deliver what they need to securely
• A desire for continued learning is essential, with a willingness to develop skills in security, confidentiality, privacy, and risk management
• Excellent interpersonal skills and the ability to develop relationships and manage stakeholders at all levels
• Keeping a positive attitude, maintaining a high ethical standard and being able to adapt to changing priorities is key, as well as being able to ask for help, support or guidance from the team when needed – we succeed when you succeed

Desirable:

• Experienced information security and risk professional skilled in incident management
• Understanding of project management processes, and the ability to manage key deliverables
• Formal security qualification (CISM or equivalent)
• Experience management within teams and developing others
• Working with or building technology based incident management solutions

• Working closely with HR and internal clients to ensure consistent and proportionate management approach for dealing with the results of an investigation.
• Working closely with specialist teams throughout Quality, Risk & Security, Technology & Digital Services and Human Resources to protect the firm’s brand and reputation and promote a positive security culture
• Assisting colleagues in Financial Crime, Ethics and Employee Relations teams in conducting sensitive investigations
• Keeping up to date with external insider threat cases and trends to help safeguard Deloitte and our people
• Using state of the art user behaviour analytics software to safeguard our brand and reputation
• Implementing our Insider Threat strategy, identifying risk areas and seeking opportunities for mitigation and continuous improvement
• Developing and implementing security policies and procedures to protect the company’s assets and data from loss, theft, or damage.
• Developing and maintaining relationships with key stakeholders, including senior management, business unit leaders, and external partners.
• Working with stakeholders to develop and implement security policies and procedures that align with business objectives and regulatory requirements.
• Coordinating the response to data loss incidents, including interviewing investigations subjects, managing stakeholder expectations and providing recommendations for remediation
• Working effectively in diverse teams within an inclusive team culture where people are recognised for their contribution
• Assessing and implementing lessons identified through actual incidents and training packages delivered to the busines