Welcome to Scribd!

Job Specification: Job Title: Information Function: FLSA Status: Role: Professional

Uploaded by

0% found this document useful (0 votes)

20 views2 pages

This role supports risk management, compliance, audits, security awareness and inquiries within the IT department. The Information Security, Risk, and Governance Analyst is responsible for understanding technology risks, ensuring appropriate controls are in place, and ensuring compliance with laws, regulations and standards, with an emphasis on SAP governance and compliance. Key responsibilities include assisting with SAP governance activities, identifying security exposures and developing mitigation strategies, monitoring security processes, implementing security policies, and providing project support and documentation for audits. A technical background in audits, compliance and SAP security is required.

Original Description:

done

Original Title

IT_Governance and Risk Management USI Level 3 Analyst 9-3-14-20150903-201321

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

20 views2 pages

Job Specification: Job Title: Information Function: FLSA Status: Role: Professional

Uploaded by

edwin

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 2

Search inside document

Job Specification

Job Title: Information

Security, Risk, and
Governance Analyst-Mid
career

Function: IT - IRC

FLSA Status:

Role: Professional

Job Code:

Job Family: Information

Security, Risk & Compliance
Management

Grade:

Last Updated: 9/03/2014

Job Summary
This role supports the programs of ITS (Information Technology Services) Governance Risk & Compliance which include
risk management, compliance management, audits & assessments, client inquiries, and security awareness. This position
is specifically responsible for working with Information Security Risk & Compliance (IRC), ITS and other Firm leaders to
understand technology and operational risks related to our internal technology solutions and to ensure that the
appropriate controls are in place to address those risks as well as to comply with relevant laws, regulations, and industry
standards. This role will have a special emphasis on SAP governance and compliance.
Illustrative Duties and Responsibilities
1.

Assist with SAP governance and compliance activities.

Helps identify potential security exposures that currently exist or may pose potential threats to Deloittes networks
or systems. Notifies leadership of potential or existing threats and assists in the development of risk mitigating
strategies. Process Policy and Standard Exceptions once acceptable mitigating controls have been defined and
documented. Maintains database with exception documentation, including mitigating security controls, necessary
approvals, and exception duration.

Assist with IT security practices through the operation and continual monitoring of specific business processes and
reporting on identified metrics to IRC and ITS leadership on a timely basis.

Identifies task owners and negotiate dates for remediation to be complete; tracks progress on remediation of
identified risks and vulnerabilities and provide appropriate reporting to all constituents.

Assist with development and implementation of security policies and procedures (e.g., user log-on and
authentication rules, security auditing procedures, etc.).

Helps implement Security Awareness activities that align with the organizations strategy.

Assist with development and implementation of compliance verification and audit preparedness activities.

Provides project support for assigned security function. This includes assisting with security design and preparing
security documentation for internal process as well as internal/external audits and assessments.

Performs other job-related duties as assigned.

Required Technical Skills

Strong background in audits and compliance. Good knowledge of SAP security concept is required, including
understanding user, role, and authorization approach pertaining to ERP, BI, Portal, HANA and SAP GRC Tool
environments. Prior experience in SAP Security implementations would be a plus. In addition, one or more specialties in
the following applications or classes of tools would be a plus: Microsoft Office skills, industry security frameworks,
Deloittes policies, standards, and security practices, operations, and design.
Required Licenses, Certifications, and Other Requirements

Job Specification
Education & Experience
Bachelors Degree; 3 years of relevant experience

Please see Career Guide for Leveling Descriptors/Behavioral Competencies (Currently under revision/development as
part of this project. This will cover areas such as Leadership, Communications, Work Complexity, Problem Solving, etc. )

Complete Guide to Building an Information Security Program
From Everand
Complete Guide to Building an Information Security Program
David Rauschendorfer
No ratings yet
We Need To Talk: 52 Weeks To Better Cyber-Security
From Everand
We Need To Talk: 52 Weeks To Better Cyber-Security
L. Brent Huston
No ratings yet
Technology Architects
Document3 pages
Technology Architects
Ravi
No ratings yet
Certified Cybersecurity Compliance Professional
From Everand
Certified Cybersecurity Compliance Professional
Dr. Zulk Shamsuddin
Rating: 5 out of 5 stars
5/5 (5)
Salesforce - Internship JD
Document2 pages
Salesforce - Internship JD
Shaswat kumar
No ratings yet
Cyber Security Analyst
Document4 pages
Cyber Security Analyst
Ju Fikson
No ratings yet
SAP Security Senior Analyst
Document2 pages
SAP Security Senior Analyst
Gustavo Blanco
No ratings yet
GRC Consultant - CISO
Document2 pages
GRC Consultant - CISO
azzu
No ratings yet
Tracey Lewis Resume
Document3 pages
Tracey Lewis Resume
Chilly07
No ratings yet
Job Description:: JPC - 6008 Security Cloud Adoption Engineer - Client Job ID - 11952
Document4 pages
Job Description:: JPC - 6008 Security Cloud Adoption Engineer - Client Job ID - 11952
Ishanth Swaroop
No ratings yet
Technology Security Controls
Document2 pages
Technology Security Controls
renusai chitoori
No ratings yet
Information Security/ Operations Manager: Skills Matrix at The Bottom of The CV Puneet Sharma
Document5 pages
Information Security/ Operations Manager: Skills Matrix at The Bottom of The CV Puneet Sharma
Sourabh Sharma
No ratings yet
CompTIA CASP+ CAS-004 Exam Guide: A-Z of Advanced Cybersecurity Concepts, Mock Exams, Real-world Scenarios with Expert Tips (English Edition)
From Everand
CompTIA CASP+ CAS-004 Exam Guide: A-Z of Advanced Cybersecurity Concepts, Mock Exams, Real-world Scenarios with Expert Tips (English Edition)
Dr. Akashdeep Bhardwaj
No ratings yet
L Loftley JR Resume April 2021
Document7 pages
L Loftley JR Resume April 2021
Ashwani kumar
No ratings yet
Network and IT Security Systems Control
Document3 pages
Network and IT Security Systems Control
ehaunter
No ratings yet
Job Description - IS Risk Assessment and Compliance
Document2 pages
Job Description - IS Risk Assessment and Compliance
Ravi Kumar
No ratings yet
Legacy IT Security A Complete Guide - 2019 Edition
From Everand
Legacy IT Security A Complete Guide - 2019 Edition
Gerardus Blokdyk
No ratings yet
Sap Security Roles, Qualifications Etc
Document6 pages
Sap Security Roles, Qualifications Etc
laarigao
No ratings yet
Security Operations Center Job Description Templates
Document20 pages
Security Operations Center Job Description Templates
ep230842
No ratings yet
Security Operations Center - SIEM Use Cases and Cyber Threat Intelligence
From Everand
Security Operations Center - SIEM Use Cases and Cyber Threat Intelligence
Arun E Thomas
No ratings yet
Cybersecurity Analyst - Job Description
Document1 page
Cybersecurity Analyst - Job Description
Jacob Dela Serna
No ratings yet
IT Security Officer - JD
Document3 pages
IT Security Officer - JD
mdc8223
No ratings yet
JD - VP-Project Information Security Risk Lead
Document2 pages
JD - VP-Project Information Security Risk Lead
IGB IGB
No ratings yet
Itlbul2014 02
Document4 pages
Itlbul2014 02
Юлия
No ratings yet
Certified Information Systems Professional
From Everand
Certified Information Systems Professional
Dr. Zulk Shamsuddin
No ratings yet
Professional Summary: Phone No: 9886577788 Email Id
Document3 pages
Professional Summary: Phone No: 9886577788 Email Id
Prakash Battala
No ratings yet
Cs-Csps Niap Ism Job Description Eng v1.1
Document7 pages
Cs-Csps Niap Ism Job Description Eng v1.1
daniel hamdani
No ratings yet
Sample
Document9 pages
Sample
ashh3417
No ratings yet
IT Auditor Job Description Template
Document3 pages
IT Auditor Job Description Template
panelco3.mrbd
No ratings yet
W13-14 Module 006 Security Architecture PDF
Document7 pages
W13-14 Module 006 Security Architecture PDF
Jacob Satorious Excalibur
No ratings yet
Covercio
Document2 pages
Covercio
azzu
No ratings yet
Soc Analyst Resume
Document5 pages
Soc Analyst Resume
e7d8e9bw
100% (1)
Software Testing Interview Questions You'll Most Likely Be Asked: Job Interview Questions Series
From Everand
Software Testing Interview Questions You'll Most Likely Be Asked: Job Interview Questions Series
Vibrant Publishers
No ratings yet
Dice Resume CV Lanre Akin Highlighted
Document3 pages
Dice Resume CV Lanre Akin Highlighted
kavin
No ratings yet
Physical Security Strategy and Process Playbook
From Everand
Physical Security Strategy and Process Playbook
John Kingsley-Hefty
No ratings yet
Jimmy Fallon CyberSecurit
Document6 pages
Jimmy Fallon CyberSecurit
Ashwani kumar
No ratings yet
Rahul Goel
Document3 pages
Rahul Goel
himanshu pandey
No ratings yet
Security Patterns Thesis
Document7 pages
Security Patterns Thesis
angieflorespeoria
100% (2)
Doug Murray USC CISO Resume
Document6 pages
Doug Murray USC CISO Resume
ashok
No ratings yet
Information Security Engineer - Consultant - ISO 27001 - Job Description V 2.0
Document3 pages
Information Security Engineer - Consultant - ISO 27001 - Job Description V 2.0
Ayaz
No ratings yet
GRC Job Description
Document2 pages
GRC Job Description
Lê Duẩn
No ratings yet
SOC Lead
Document15 pages
SOC Lead
raghunandhan.cv
No ratings yet
Security Operations: CISSP, #7
From Everand
Security Operations: CISSP, #7
Selwyn Classen
No ratings yet
Raghavender - SR Security - GRC Consultant
Document8 pages
Raghavender - SR Security - GRC Consultant
raghu
No ratings yet
Assets, Threats and Vulnerabilities
Document31 pages
Assets, Threats and Vulnerabilities
ashish
No ratings yet
IT Asset Management Security A Complete Guide - 2020 Edition
From Everand
IT Asset Management Security A Complete Guide - 2020 Edition
Gerardus Blokdyk
No ratings yet
Information Technology Manager Director in Temple Waco TX Resume Paula Pollei
Document4 pages
Information Technology Manager Director in Temple Waco TX Resume Paula Pollei
PaulaPollei
No ratings yet
Krishnamohan Kandar: Profile Summary
Document3 pages
Krishnamohan Kandar: Profile Summary
Kiran Modi
No ratings yet
Security Analyst - Systems Engineering
Document3 pages
Security Analyst - Systems Engineering
Vivek Girija Dasburma
No ratings yet
IoT Security A Complete Guide - 2020 Edition
From Everand
IoT Security A Complete Guide - 2020 Edition
Gerardus Blokdyk
No ratings yet
Data Security Risk A Complete Guide - 2020 Edition
From Everand
Data Security Risk A Complete Guide - 2020 Edition
Gerardus Blokdyk
No ratings yet
IT Security Operations Engineer (P2)
Document3 pages
IT Security Operations Engineer (P2)
SRISHTI MALHOTRA
No ratings yet
SOC Roles
Document6 pages
SOC Roles
Max
No ratings yet
Job Description: Extensive Reading
Document12 pages
Job Description: Extensive Reading
Natalia Vivona
No ratings yet
IoT Security Tools A Complete Guide - 2019 Edition
From Everand
IoT Security Tools A Complete Guide - 2019 Edition
Gerardus Blokdyk
No ratings yet
Fortify Ssa Consulting Services
Document4 pages
Fortify Ssa Consulting Services
Alireza Hemmati
No ratings yet
Unit-3 Info Secu
Document7 pages
Unit-3 Info Secu
workwithasr04
No ratings yet
Shakira - new-GRC Resume
Document3 pages
Shakira - new-GRC Resume
Muhammed Mugari
No ratings yet
Enterprise DLP As A Program - Phase 1: Project Charter: Whitepaper
Document6 pages
Enterprise DLP As A Program - Phase 1: Project Charter: Whitepaper
Chandrashekar M
0% (1)
IT Information Security Management Principles, 23 - 26 November 2015 Dubai UAE
Document4 pages
IT Information Security Management Principles, 23 - 26 November 2015 Dubai UAE
360 BSI
No ratings yet
Step Back 5x5 Presentation
Document8 pages
Step Back 5x5 Presentation
tim
100% (1)
E Novia Engineering Central
Document364 pages
E Novia Engineering Central
narred74
100% (1)
Mitsubishi Manuals 538
Document242 pages
Mitsubishi Manuals 538
Nui Direk
No ratings yet
2017 Plates Gemini - ENGLISH
Document8 pages
2017 Plates Gemini - ENGLISH
Ahmed Fadhil
No ratings yet
Satr-W-2008 Atyb TR
Document6 pages
Satr-W-2008 Atyb TR
Deo M
No ratings yet
Jadual Pembahagian Penilaian Berterusan Scribd
Document7 pages
Jadual Pembahagian Penilaian Berterusan Scribd
ZAKEY ABDUL
No ratings yet
ECP Expert 2ev: User and Maintenance Manual
Document28 pages
ECP Expert 2ev: User and Maintenance Manual
kimolos
No ratings yet
Sat Saheb
Document7 pages
Sat Saheb
AMIT JHA
No ratings yet
Annexure D - SPIR PDF
Document4 pages
Annexure D - SPIR PDF
harmlesdragon
No ratings yet
Executive Summary Business Plan
Document30 pages
Executive Summary Business Plan
Siddiq Ahmed
91% (11)
The Dry Port Concept
Document103 pages
The Dry Port Concept
Cristian Marciales
No ratings yet
One Tracking Device, Multiple Applications: Fleet Management Track & Trace Security Data Mining - Analytics
Document8 pages
One Tracking Device, Multiple Applications: Fleet Management Track & Trace Security Data Mining - Analytics
djcesarv
No ratings yet
TK13A65U: Switching Regulator Applications
Document6 pages
TK13A65U: Switching Regulator Applications
Bruno Souto
No ratings yet
CHE244 Lab Report Effect of Residence Ti
Document26 pages
CHE244 Lab Report Effect of Residence Ti
wan nur mursyidah
No ratings yet
Global Paint and Coatings 2013-2018
Document8 pages
Global Paint and Coatings 2013-2018
Julio Sanz
No ratings yet
3.1. Design Goals and Objectives
Document7 pages
3.1. Design Goals and Objectives
shimelis
No ratings yet
Lecture 4.1
Document31 pages
Lecture 4.1
VershiyiLambert
No ratings yet
Group 10 Poletown Dilemma
Document3 pages
Group 10 Poletown Dilemma
Naveen Choudhury
100% (1)
MSA safetySCOPE - European Product Portfolio. Available From Coyle & Associates (WWW - Canda.ie)
Document144 pages
MSA safetySCOPE - European Product Portfolio. Available From Coyle & Associates (WWW - Canda.ie)
Coyle & Associates
100% (1)
Grinding Machine Definition
Document8 pages
Grinding Machine Definition
Omkar Bhoyar
No ratings yet
Bos 50633
Document2 pages
Bos 50633
Krishna Sharma
No ratings yet
South Dhahran Home Ownership Project: Request For Information (RFI)
Document1 page
South Dhahran Home Ownership Project: Request For Information (RFI)
RAJEEV KUMAR
No ratings yet
Reva
Document74 pages
Reva
Vennia Papadipoulou
No ratings yet
WAE200 Pre-Course Review Activities
Document36 pages
WAE200 Pre-Course Review Activities
Joel Kionisala
50% (2)
Karla CV English
Document3 pages
Karla CV English
api-259644073
No ratings yet
Tool Post Grinder
Document28 pages
Tool Post Grinder
Boopathi Kalai
No ratings yet
Well Testing Brochure
Document24 pages
Well Testing Brochure
Fabricetoussaint
100% (1)
Architectural Requirements For Cloud Computing Systems
Document20 pages
Architectural Requirements For Cloud Computing Systems
Sendhil Kumar
No ratings yet
Risk Assessment Grandparents Day
Document5 pages
Risk Assessment Grandparents Day
api-436147740
No ratings yet
E 10231
Document1,024 pages
E 10231
Gab Ant
No ratings yet