Description:
The Cybersecurity Controls Testing Analyst will be responsible for the following:
- Support the planning, execution, and reporting of cybersecurity compliance testing across DTTL shared services.
- Perform control testing activities to assess compliance against Deloitte’s internal cybersecurity standards, including evidence collection, validation, and documentation.
- Identify, track, and report control gaps, risks, and non-compliance issues to stakeholders, and assist in developing remediation recommendations.
- Collaborate with global shared service teams, cyber risk specialists, and other enabling functions to ensure consistent application of compliance requirements.
- Assist in developing standardized testing methodologies, templates, and reporting mechanisms to enhance efficiency and transparency of the program.
- Support the preparation of updates and presentations for senior leadership on testing outcomes, trends, and areas requiring attention.
- Contribute to the development of key performance indicators (KPIs) and dashboards to monitor compliance program progress and effectiveness.
- Stay current on cybersecurity trends, regulatory developments, and industry best practices to inform testing and risk management activities.
- Help promote a culture of controls compliance within Global enabling function teams.
About The Team
Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.
Qualifications
Enough about us, let’s talk about you
Do you possess the following?
- Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, Engineering, or a related field.
- Relevant certifications such as ISO 27001 Lead Auditor, CISA, CRISC, Security+, or similar are desirable.
- 3–5 years of professional experience in information security, IT risk management, compliance, or related roles.
- Experience conducting compliance testing, audits, or assessments against internal standards, ISO 27001, NIST, or similar frameworks.
- Strong understanding of cybersecurity controls such as identity & access management, vulnerability management, data protection, and incident management.
- Experience working in a large, global, matrixed organization is an advantage.
- Solid knowledge of risk and compliance methodologies and cybersecurity fundamentals.
- Strong analytical, problem-solving, and critical thinking skills.
- Excellent written and verbal communication skills, with the ability to summarize complex technical information for diverse stakeholders.
- Strong organizational skills with the ability to manage multiple priorities in a fast-paced environment.
- Collaborative mindset and ability to work effectively across global teams and cultures.
- Proficiency with tools such as ServiceNow, GRC platforms, or compliance testing tools is a plus.