Exceptions Management

Description:

As a Exceptions Management, you will support Deloitte Technology by governing cyber risks, managing the Cyber Risk Register, guiding security exceptions processes, and collaborating with global teams to ensure effective cyber risk mitigation. This role sits within Deloitte Global, driving cybersecurity governance and risk activities across the enterprise.

Key Responsibilities:

• Govern cyber risks within the Deloitte Technology Cyber Risk Register.

• Maintain alignment between the Cyber Risk Framework and Enterprise Risk Framework.

• Partner with technology teams to assess, mitigate, and manage cyber risks.

• Support cyber risk ownership and risk appetite alignment across teams.

• Review and challenge cyber risk assessments and remediation processes.

• Process and analyze exceptions to global cyber security policies and standards.

• Ensure complete information is provided for exception reviews.

• Offer guidance throughout the exception management lifecycle.

• Present risk analysis and exceptions reporting to Cyber, Risk, and Technology leadership.

• Contribute to the development and continuous improvement of policies and standards.

• Build relationships with cybersecurity, technology, legal, and risk stakeholders.

• Serve as a trusted advisor on cyber security policies and best practices.

Qualifications:

• Bachelor’s degree in a technology-related field or equivalent experience.

• Experience in cybersecurity risk management, governance, and exceptions management.

• Experience with GRC tools and risk mitigation frameworks.

• Knowledge of ISO 27001, SOC 2, NIST 800-32.

• Strong understanding of cyber controls, policies, and procedures.

• Strong analytical and problem-solving skills.

• Ability to explain complex security risks to technical and non-technical audiences.

• Preferred certifications: CISSP, CISM, CRISC.

• Excellent written and verbal communication skills.

Desired Characteristics:

• Strong interpersonal and collaborative skills.

• Ability to influence and communicate with diverse stakeholders.

• Detail-oriented with strong analytical judgment.

• Comfortable working in a global, cross-functional environment.

• Proactive mindset and commitment to continuous improvement.

Additional Requirements:

• Hybrid work model.

• Commitment to Deloitte values, diversity, and inclusive practices.

• May require working across multiple time zones depending on project needs.