ServiceNow Developer Senior Solution Advisor

Deloittes Cyber Risk Services help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our services help organizations to address, in a timely manner, pervasive issues, such as identity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise.

Deloittes Cyber Risk Services have been recognized as a leader by a number of independent analyst firms.

IDC MarketScape named Deloitte as a Leader in the first 2024 for Worldwide Cybersecurity Consulting Services: Global System Integrators/Consultancies. Source: Worldwide Systems Integrators/Consultancies for Cybersecurity Consulting Services 2024 Vendor Assessment, By Cathy Huang, Published January 2024 ID#US50463423

Work you will do

As a Senior Consultant in Governance, Risk, and Compliance (GRC)/ Integrated Risk Management (IRM) at Deloitte, you will play a pivotal role and be instrumental in helping our clients manage and mitigate risks associated with their governance, risk management, and compliance activities by focusing on delivering continuous, high-quality GRC services to our clients. This role involves a blend of strategic advisory, process improvement, and technology implementation, tailored to ensure continuous compliance and effective risk management strategies are in place.

This role also involves ensuring compliance with regulatory requirements and managing risks effectively. The ideal candidate will have a strong background in GRC frameworks, excellent analytical skills and adept in developing workflows in GRC tools like ServiceNow, Archer, Aravo or OneTrust

As a Consultant, you would be expected to perform the following activities:

       Take ownership of SDLC efforts for successful build, test, and rollout of GRC solution into production use.

       Conduct thorough risk assessments and implement solutions to minimize exposure and enhance business resilience.

       Well versed with the application deployment and configuration baselines, and understanding of how the application environment operates in a secure environment and how exceptions are handled during operations;

       Utilize GRC tools to automate risk management and compliance monitoring tasks.

       Configure GRC solutions like risk management (enterprise and IT risk), compliance management, issue and corrective action plan management, exception management, policy lifecycle management, privacy management, third party risk management, audit management, threat and vulnerability management, security operations management, business continuity management for clients across industries.

       Understand the business requirement and define & document user stories, create UI mock-ups and having a roll-up the sleeves approach to execute and make things happen.

       Define, enhance, and implement enterprise risk management frameworks based on industry standards and frameworks (e.g. ISO 27001, COSO, COBIT, PCI, NIST, and HIPAA etc.) on GRC technologies such as Archer, ServiceNow or Aravo.

       Ensure compliance with all relevant local, national, and international laws and regulations. Regularly update internal policies to align with changing regulatory landscapes to ensure that they are effectively integrated into the clients' operational processes.

       Provide ongoing support and enhancements to risk management frameworks that align with client objectives and regulatory requirements.

       Assist in developing GRC governance and operating model for the set up and sustainment of the GRC program.

       Prepare detailed reports on compliance activities, risk assessments, and mitigation plans. Ensure all documentation is accurate and audit ready.

The team

Want to work at one of the fastest growing and industry leading risk management consulting firms that will give you an enriching experience to build your career and brand? If yes, then look no further, Deloittes Cyber Risk Services practice is the place for you. The Cyber Governance, Risk, and Compliance (GRC)/ Integrated Risk Management (IRM) is one of the most rapidly growing market offerings with capability spanning - GRC strategy, design, and implementation of GRC & Security solutions using confluence of ServiceNow, Archer, Aravo and OneTrust.

Individuals who take deep personal accountability for their work, have a passion for excellence, driven to achieve their full potential and understand the value of building relationships with clients and the industry, are encouraged to realize our requirement for GRC. The GRC Solution Advisor is expected to have an in- depth understanding of GRC tools as mentioned above, leading practices and have demonstrated experience in the design and implementation of their solutions. Understanding of risk and compliance pain points and how they can be addressed effectively through a scalable and usable GRC technology is key to success in this role. This role involves working closely with clients to understand their needs, designing solutions that leverage all the tools capabilities to enhance their GRC processes, and ensuring the successful implementation and operation of these solutions.

Required:

Education:

       Bachelors degree in Computer Science/ Information Technology, or a related field.

Experience:

       Minimum of 7-10 years of experience in implementing GRC solutions and/or in ServiceNow/Archer/Aravo/OneTrust or cyber strategy.

       Well versed with at least 1 GRC tool such as ServiceNow/Archer/Aravo/OneTrust.

       Gathering and documenting business requirements and identifying gaps within existing systems and processes.

       Hands-on experience on at least 2 GRC modules (ERM, ITRM, TPRM, SecOps, Issues Management, Policy & Compliance Management, etc.).

       Hands-on experience in on-demand and out-of-the-box solution developments, access control, rules & events, notifications, data integrations, UI, reports and dashboards, workflows and other administrative activities in tools like ServiceNow/Archer/Aravo/OneTrust.

       Experience on Privacy Enhancement and Automation tools such as OneTrust.

       Proficient in risk management processes and compliance regulations.

       Proven experience in GRC, particularly within a consulting environment.

About Company

Deloitte is a global professional services firm that provides a wide range of services, including audit and assurance, consulting, tax, risk management, and financial advisory. With a presence in over 150 countries and a network of member firms, Deloitte serves clients across various industries, helping them solve complex business challenges, improve operations, and innovate. Known for its expertise in management consulting, technology solutions, and strategy, Deloitte is one of the Big Four accounting firms and is recognized for its commitment to quality, integrity, and making an impact in the marketplace.