Job Title:  Assistant Manager | Risk Management | Pune | Cyber Strategy & Transformation

Job requisition ID:  98200
Date:  Feb 11, 2026
Location:  Pune
Designation:  Assistant Manager
Entity:  Deloitte Touche Tohmatsu India LLP

#1 - Job Title: Assistant Manager / Deputy Manager – Cyber Control Assessment & Compliance

Location: Pune / Bangalore

Level: AM / DM

Role Summary

The Cyber Control Assessment professional will be responsible for evaluating the design and operating effectiveness of cybersecurity controls across technology, applications, infrastructure, and third-party environments. The role focuses on cyber control reviews, regulatory and internal compliance assessments, and review of cybersecurity policies, standards, and procedures to ensure alignment with industry best practices and regulatory expectations.

The role requires close collaboration with IT, Information Security, Risk, Compliance, Internal Audit, and business stakeholders to identify control gaps, recommend remediation actions, and support continuous improvement of the organization’s cyber risk posture.

 

Key Responsibilities

Cyber Control Assessment & Review

  • Perform cyber control assessments to evaluate the design and operating effectiveness of security controls across:
  • Network, infrastructure, cloud, and endpoint environments
  • Identity and Access Management (IAM)
  • Application security and SDLC controls
  • Data protection and encryption controls
  • Incident response and cyber resilience controls
  • Assess alignment of controls with established frameworks such as ISO 27001, NIST CSF, NIST 800-53, CIS Controls, and internal security standards.
  • Identify control gaps, weaknesses, and improvement areas, and provide risk-based recommendations.
  • Support control rationalization and optimization initiatives to reduce redundancy and improve efficiency.

 

Policy, Standards & Procedure Review

  • Review and assess cybersecurity policies, standards, and procedures to ensure:
  • Alignment with regulatory requirements and industry best practices
  • Consistency across enterprise environments
  • Clear articulation of roles, responsibilities, and control ownership
  • Support the development, update, and rollout of information security policies, standards, and operating procedures.
  • Validate that policies and procedures are effectively implemented through control testing and evidence reviews.
  • Facilitate periodic policy reviews and support policy governance processes.

 

Risk Management & Reporting

  • Contribute to cyber risk assessments and risk treatment plans by mapping risks to control gaps.
  • Document assessment results in clear, concise reports suitable for senior management and audit committees.
  • Provide input into cyber risk registers and support ongoing risk monitoring activities.
  • Develop and maintain KRIs, control metrics, and compliance dashboards.

 

Stakeholder Management & Advisory

  • Act as a trusted advisor to IT and business teams on cyber control design, compliance expectations, and remediation approaches.
  • Coordinate with multiple stakeholders across geographies to execute assessments efficiently.
  • Provide guidance and mentoring to junior team members on control assessment methodologies and documentation standards.