Manager-NSE Cyber Security Risk Specialist

Manager-NSE Cyber Security Risk Specialist (T2)/CISO/ITS

Your opportunity

Join our innovative, creative, and inclusive CISO team - a world-class operation with extensive knowledge and experience. You will interface with business and technical teams to bring about change and influence across the entire world of Deloitte. Apply your skills to make things happen and be a part of a great team that is passionate about serving a great purpose.

Work you'll do:

As a Cybersecurity Risk Manager, you will lead the development, implementation, and oversight of the organization's cybersecurity risk management program. You will be responsible for managing a team, driving risk assessment initiatives, ensuring regulatory compliance, and partnering with business and IT leaders to embed security into business processes. This role requires strong leadership, strategic thinking, and deep expertise in cybersecurity risk management frameworks and controls.

Location: Hyderabad

Work shift Timings: 02:00 PM to 11:00 PM

Role Requirement

• Strong experience in Information Security concepts, including Governance, Risk, and Compliance, with hands-on involvement in risk management activities such as conducting risk assessments.
• Demonstrated ability to independently perform risk assessments and provide guidance to teams.
• Solid understanding of compliance-related certifications (e.g., ISO, SOC, GDPR, Cyber Essentials) as well as regional regulatory requirements and audit processes.
• In-depth knowledge of security best practices, ensuring adherence to confidentiality, integrity, and availability principles.
• Responsible for the end-to-end cybersecurity risk ecosystem, ensuring a Risk framework that addresses the firm's strategic CS operational risks.
• Familiarity with OWASP Top Ten vulnerabilities, related tools, and methodologies.
• Basic understanding of project management principles.
• Understanding of service desk tools and workflows.
• Ability to clearly articulate how process changes can lead to improvements.
• Represents the team effectively in meetings with both internal and external stakeholders.
• Strong critical thinking, analytical, and communication skills, with the ability to engage diverse audiences.
• Methodical and logical thinker, capable of problem-solving and identifying solutions with minimal supervision.
• Self-starter who can multitask and thrive in an agile environment.

Role & Responsibilities:

• Support the assessment of current technology infrastructure and applications to identify information security and compliance risk areas.
• Proactively identify security and compliance-related risks to support key business initiatives.
• Articulate remediation requirements in clear, audience-appropriate terms.
• Build business cases tailored to different audiences, including mid-level and senior management.
• Report regularly to the Deputy CISO and CISO on the status of all risk-related activities, including process metrics, issues, and remediation actions.
• Identify key stakeholders and audiences, build consensus, and handle objections to drive transformation.
• Conduct regular meetings and establish a shared vision within the team.
• Collaborate with the wider UK Information Security team, UK Deloitte Business Security, UK IT Services, NSE, and Global Information Security and Risk teams.
• Liaise with risk functions across the information security team and 2nd line functions to support risk governance, process improvement, and reporting obligations.
• Build training materials and conduct awareness sessions on changes to existing processes.
• Liaise with support teams as needed to facilitate training and awareness initiatives.
• Ensure all team members have access to learning and development opportunities to maximize performance.
• Demonstrate proactive responsibility by owning, following up, and resolving issues to positively impact team delivery and inspire others.
• Lead one of the USI councils, such as Continuous Service Improvement, Learning and Development, Process Risk Assessment, or Business Impact Analysis.
• Produce high-quality KPIs and KRIs for governing and managing risk findings.
• Develop management reports, including metric dashboards summarizing KPIs and KRIs, for submission to the firm's security governance and risk committees.
• Prepare weekly/monthly reports capturing key business trends, highlights, lowlights, and metrics for Risk programs including status updates, recommended actions, and supporting evidence.

Tools and Technologies

• Service Now
• Ms Office (Word, PPT, Visio, Excel)
• RSA Archer or similar
• MS Teams

Qualifications

• Any full time Graduation in Computer Science/ Information Security/ any Engineering stream/ others
• 10 to 14 years' experience in a similar role and Enterprise organisation

Technical Certifications

• Must have ISO27001, CISA, CRISC or equivalent
• Good to have ITIL v4 Foundation, CISSP, CISM, CCSP, PMP or equivalent desirable

Our purpose

Deloitte's purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities.

Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.

Professional development

At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India.

Benefits to help you thrive

At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you.

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

Requisition code: 309023

---