Job Title:  T&T | Cyber Strategy & Transformation | Deputy Manager | GRC Specialist | Bangalore

Job requisition ID ::  108948
Date:  Jul 17, 2026
Location:  Hyderabad
Designation:  Deputy Manager
Entity:  Deloitte Touche Tohmatsu India LLP

T&T | Cyber Strategy & Transformation | Deputy Manager | GRC Specialist | Bangalore
Job requisition ID : 108948 
Location: Hyderabad
Entity: Deloitte Touche Tohmatsu India LLP 


The Team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about Cybersecurity 

 

Your work profile:

 GRC Specialist (DM)

This role is responsible for managing and validating cybersecurity controls across the organization, ensuring compliance with regulatory and internal requirements. You will focus on security control interpretation, evidence validation, and audit support across domains including but not limited to Cryptography, DLP, Endpoint Security, and Network Security.

 

Key Skills Required:

•                    Strong understanding of cybersecurity controls across domains including Cryptography, DLP, Endpoint Security, and Network Security.

•                    Work closely with technology and security teams to manage and support implementation of cybersecurity controls.

•                    Translate control requirements into:

o  Technical expectations for implementation teams

o  Control validation approaches to assess effectiveness

o  Assess control effectiveness and identify gaps in implementation

•                    Manage and complete cybersecurity due diligence questionnaires from clients, partners, and vendors.

•                    Coordinate with internal stakeholders to gather accurate responses and supporting evidence.

•                    Ensure responses are technically accurate and aligned with organizational policies and controls.

•                    Track questionnaire status, timelines, and outcomes.

•                    Oversee the collection, validation, and documentation of evidence to support control compliance and audit requirements.

•                    Analyze control validation results, identify control weaknesses, and escalate critical risks to senior management.

•                    Support and manage regulatory and audit activities, including evidence collection, validation, and remediation tracking.

•                    Develop and maintain strong knowledge of regulatory frameworks including APRA, ASIC, ISO 27001, NIST, CPS 234 (Information Security), CPS 220 (Risk Management), and CPS 232 (Business Continuity).

•                    Recommend and implement improvements to control validation processes, documentation, and reporting mechanisms.

•                    Foster strong understanding of cybersecurity controls, risk, and compliance requirements across teams.

•                    Stay updated on evolving cybersecurity threats, regulatory requirements, and industry best practices to ensure ongoing compliance and effectiveness.

•                    Bachelor’s degree in computer science, Information Technology, or a related field.

•                    6-8 years of experience in Cybersecurity GRC, Cyber control reviews and assessment, Cyber control testing and or a similar role with a focus on security controls.

•                    Strong understanding of:

o  Cryptography and PKI (TLS, certificates)

o  Data Loss Prevention (DLP)

o  Endpoint and Network security controls

•                    Experience with security frameworks (NIST CSF, CIS, ISO 27001).

•                    Strong understanding of control frameworks and standards (e.g., ISO 27001, NIST, SOX, COBIT, GDPR, APRA and other regional regulations)

•                    Strong analytical and problem-solving skills.

•                    Excellent communication and documentation skills.

•                    Ability to manage multiple priorities and work independently.

Good to Have:

•                    Experience with GRC tools such as:

o  ServiceNow GRC

o  IBM OpenPages

•                    Exposure to automation or scripting for evidence collection.

•                    Familiarity with cloud environments (AWS / Azure).

•                    CISSP, CISA, CRISC, ISO 27001 Lead Auditor/Implementer is preferred