Job Title:  Manager | Risk Management | Pune | Cyber Strategy & Transformation

Job requisition ID:  87158
Date:  Sep 15, 2025
Location:  Pune
Designation:  Manager
Entity:  Deloitte Touche Tohmatsu India LLP

Risk and Controls Review, Design, and Implementation

Responsibilities include:

  • Support the client CISO and CIO function in developing an IT/IS control library for Access Management, Cloud Security, Data and Records, Security and Monitoring, Data Privacy, Vulnerability Management, etc.
  • Review policies, procedures and key operating documents, and assist in rationalizing the controls under review to identify potential treatment for Control Definitions; where controls remain, these flow into the control design adequacy assessment process to uplift the IT/IS control definition documentation.
  • Perform Control Design Adequacy Assessment to identify controls that require remediation work as well as those that comply with industry good practices (such as COBIT/NIST).
  • Support the client in IT/IS/Data Record control design adequacy assessment of control definitions, and in workshops with Control Design Owners to discuss identified design gaps and determine appropriate remediation actions, including ‘quick wins’ vs. material control design uplift requirements.
  • Support the client in enhancing the Control Definitions through the Control Design Adequacy Assessment process by designing new security controls based on industry standards and Bank requirements.

 

Qualifications:

  • Bachelor’s degree (or equivalent experience) with 9-12 years’ experience in risk management and in risk and control design and implementation, preferably with global banking clients.
  • Proven experience in controls assurance or internal audit, with a strong focus on transformation, establishing new frameworks, methodologies, etc.
  • ISO 27001, CRISC or CISA certification mandatory; CISSP certification desirable.
  • Information Systems/Network Security knowledge.
  • Understanding of risk management frameworks such as NIST, ISO, COBIT or an equivalent cyber security framework.
  • Knowledge of internal control concepts (e.g., Preventive Controls; Detective Controls; Anti-Fraud Controls; etc.).
  • Strong understanding of regulatory requirements and industry best practices related to controls assurance, relevant to global banking risks, such as Information Technology (IT), Information Security (IS), and/or Data Management.
  • Exceptional communication skills, both verbal and written, with the ability to influence and engage stakeholders at all levels.
  • Experience operating in a regulated environment and managing stakeholders across the Three Lines of Defense.
  • Familiarity with cyber security, resilience and related domains preferred.