Deloitte is one of the leading international professional services firms that offers audit, consulting, corporate finance, enterprise risk, and tax and legal services. Deloitte is represented in six of Russia’s largest cities, including Moscow, Saint Petersburg, Ufa, Ekaterinburg, Novosibirsk and Yuzhno-Sakhalinsk, where over 2100 of our specialists are employed.
Senior Compliance Specialist — CIS Technology Services
— Ensure compliance with government, industrial, client and the Firm's Information Technology and Cyber Security requirements.
— Perform detailed risk assessments, business impact analyses, audits and reviews, which include developing project plans and work programs, evaluating risks and controls, providing recommendations or advice, and communicating engagement results to appropriate parties.
— Develop Information Technology and Cyber Security related controls, including policies, processes, procedures, reports and draft contract clauses.
— Develop and perform Information Technology and Cyber Security related awareness campaigns and trainings using different internal media.
— Participate in Incident Response activities.
— Work in a systematic and disciplined manner in accordance with the Firm's standards, particularly working paper and report writing standards, and ensure that your professional development plan keeps your expertise current.
— Take responsibility.
— Recognize and critically analyze issues, identify governance, risks and control gaps, and provide practical recommendations.
— Communicate clearly, effectively and in a positive manner.
— Provide timely, professional service to our internal and external clients, understand and anticipate their needs, and adapt responses through creative and engaging approaches.
— Use discretion and tact in handling confidential and sensitive information, and exercise considerable professional judgment regarding interpretation of issues and conflicting requirements.
— Apply internal audit techniques and concepts, and have general knowledge of risk, governance, and control frameworks (e.g., COSO, COBIT) and Information Technology and Information Security standards (e.g., ITIL, ISO/IEC 2700x).
— Present information in oral and written format to all levels of the organization.
— A degree in computer science, management information systems or business.
— A professional certification such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or another related to Information Technology or Information Security is an advantage.
— Experience in conducting information systems audits, reviews and risk assessments.