Senior IT Risk & Compliance Analyst
What impact will you make?
At Deloitte, we offer a unique and exceptional career experience to inspire and empower talents like you to make an impact that matters for our clients, people and community. Whatever your aspirations, Deloitte offers you a highly inclusive, collaborative workplace and unrivalled opportunities to realize your full potential. We are always looking for people with the relentless energy to push themselves further, and to find new avenues and unique ways to reach our shared goals.
So what are you waiting for? Join the winning team now. Work you'll do
Your role as a leader
- Assist in risk management activities for ISO27001 across the region.
- Gathering metrics and measurements on the overall effectiveness of information security controls and report to the management.
- Deliver 3rd party vendor risk assessment and support external security due diligence surveys.
- Performs routine and on-demand system compliance reviews including system and device security patch compliance status, user account activity, network resource, configuration, etc. and reports on compliance to the management.
- Support security operation team to ensure compliance on security related processes such as incident, change, monitoring and documents management.
- Track and monitor corrective action status for IT related issues until closure.
- Assists in developing, maintaining and updating policies, processes and procedures to comply with organizational requirements, ISO 27001 compliance requirements and information technology security best practices.
- Participate in new projects and product introduction to the users and teams in the region to ensure compliance to policies and processes.
- Guide and supervise junior staffs on risk and compliance related matters.
At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves everyday to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. In addition to living our purpose, Analysts across our Firm are expected to:
- Understand the expectations set and demonstrates personal accountability for keeping own performance on track.
- Understand how our daily work contributes to the priorities of the team and the business.
- Demonstrate strong commitment to personal learning and development.
- Actively focus on developing effective communication and relationship-building skills, with stakeholders, clients and team.
- Work effectively in diverse teams within a highly inclusive team culture where everyone is supported, respected and recognized for their contribution.
Due to volume of applications, we regret only shortlisted candidates will be notified.
- Ability to be effective in a cross-border team environment, presenting issues, clearly explaining issues, and ability to come to an agreed upon resolution of the various security concerns/needs of the organization.
- Self-starter with a drive to excel and belief in making changes that matter.
- Strong, clear and effective oral and written English skills.
- Demonstrating a commitment to learning, development and teamwork. Emphasis will be placed on working with team resources and colleagues throughout the organization.
- Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic environment, requiring flexibility and responsiveness to organizational security needs.
- Familiarity with information protection laws in the region and common security frameworks are added advantages.
- Relevant professional qualifications such as CISA / CGEIT / CRISC / ISO 27001 Lead Auditor or possessed >3 years IT audit experience would be an advantage.
In Malaysia, the services are provided by Deloitte and other related entities in Malaysia ("Deloitte in Malaysia"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Malaysia, which is within the Deloitte Network, is the entity that is providing this Website.
Requisition code: MI70-171858-2019