- Bachelor Degree
- Related experience reviewing privacy impact assessments or other risk assessments
- Related certifications– CIPP, CIPM, CIPT, CISA, or CISSP
- At least 3 years of relevant experience (e.g., privacy impact assessments, risk assessments, data privacy, or system auditing)
Work you’ll do
Key responsibilities of this position are working as a liaison between the business and technology teams to review privacy and confidentiality risk associated with planned technologies.
Review Privacy Impact Assessment: Upon receipt, review the assessment responses that explain how personally identifiable information (PII) will be protected within the new or updated Deloitte or vendor system. Leveraging the training and ongoing support that will be provided, conduct the following key tasks:
- Identify insufficient responses: Locate responses that do not align with Deloitte policies or standards. Learn how to identify privacy risk and related mitigations.
- Consult with submitter or interviewee: Communicate residual risks or gaps with the submitter of the assessment. Request the submitter to strengthen the privacy controls and/or documentation. Collaborate with various teams during this process (e.g., Information Security, business representatives, Office of General Counsel).
- Determine appropriate next steps: Approve or decline the assessment, and escalate issues as needed.
Conduct Confidentiality Assessment: Learn how to conduct a verbal confidentiality assessment to understand how Confidential Information (CI) will be protected within the new or updated Deloitte or vendor system or Deloitte process.
- Identify risk: Observe demonstrations of new or updated technologies to locate areas of privacy and confidentiality risk.
- Consult with project team and business leadership: Communicate risks or gaps with the project team and business leaders. Request the project team to explain how risk can be mitigated prior to deployment.
- Determine appropriate next steps: Collaborate between business leaders and project team to determine whether changes will be made or whether alternative solutions are viable.
- Technical aptitude and willingness to learn
- Ability to work as a self-starter; ability to track and resolve reviews within your own portfolio and escalate to leadership as necessary
- Ability to remain responsive while tackling new and high-risk reviews
- Ability to identify process improvements to overall process
Assist with other team initiatives:
- Assist in various projects related to mitigating privacy and confidentiality risk for the firm. For example, assessing confidentiality and privacy risk with third parties, new technologies in the marketplace, assessing and helping to deploy new technology safeguards.
Key skills required are as follows:
- Prior experience with performing risk assessment-related activities (e.g., reviewing privacy impact assessments, designing or executing risk assessments, testing the design and operating effectiveness of controls).
- Excellent verbal and written business communication skills.
- Excellent organizational and time management skills.
- Attention to quality and detail a must.
- Ability to work well under pressure: responsiveness, accuracy and sense of urgency are essential to this role.
- Ability to apply critical thinking in evaluating different scenarios.
- Ability to handle confidential and sensitive information with appropriate discretion.
- Ability to prioritize work and work independently; know when to seek guidance.
- Ability to compartmentalize different projects, keep detailed notes, and maintain understanding of the various projects
- Ability to push back when needed, voice concerns in a professional manner, and provide key data points or concerns for supporting the need to push back
- Ability to organize and manage multiple projects at once
Proficiency in MS Office - Word, Excel and PowerPoint. Previous experience of working in SharePoint and Visio a plus.
Application Submission Information:
All applications must be submitted through the firm's careers website to receive consideration. Follow this link to view the full job description and to apply: https://jobs2.deloitte.com/us/en/job/DELOA003X247523/Senior-Consultant-Specialist-Office-of-Confidentiality-Privacy