Company Logo

Privacy and Data Security Consultant


Job Description

Date: 02-Dec-2020

Sydney, NSW, AU

Department: Internal Client Services

Work in a highly innovative and transformative business
Mentoring programs – receive support and coaching to progress your career
Work/life balance with access to flexible work arrangements

This is an exciting opportunity in our internal Confidentiality & Information Security Office (CISO) team, to continue growing a career in information security, confidentiality and risk management as part of the broader Quality & Risk function within Deloitte Australia.

What will your typical day look like?
Your primary role will be to assist identifying and managing privacy and confidentiality risks for Deloitte at an operational level. As part of the role you will provide balanced, risk-based security advice to the various Deloitte business teams. You will conduct data risk assessments and privacy impact assessment for our new initiatives – products, services and acquisitions.

Working as part of the broader CISO team, you will build close relationships with internal teams such as Legal, ITS, Talent and Marketing as well as senior partners and staff across the business and will have every opportunity to develop a highly rewarding profile across Deloitte. Other responsibilities include:

Identify risks and assess applicability of security controls to minimise data and digital risk in applications and systems;
Work with different teams within the firm to risk assess the delivery of services to our clients and provide appropriate recommendations to manage identified risks as well as to achieve privacy by design outcomes;
Support the business with the creation of risk mitigation plans to manage the confidentiality of information when delivering services to clients; and
Support the business by providing security responses to clients as part of the RFP process, and assist in the development and delivery of awareness initiatives.

About the team
Deloitte’s National Confidentiality & Information Security Office (CISO) is a proactive, strategic business partner. Sure, we are the internal function that builds and governs Deloitte’s world-class security and privacy programs. But we also help our client service teams win work, build secure new solutions and take rewarded risks whilst keeping security at the centre of everything they do.

Fundamentally, we work to ensure the proper safeguards are in place to protect the confidentiality, security and privacy of the data in Deloitte’s custody. In doing so, we are making an impact that matters by protecting our clients, our people and our brand.

We are professional, passionate, creative and driven to succeed. Are you?

Enough about us, let’s talk about you.
You have around 1 - 5 years of applied risk management experience, with strong interpersonal, listening and stakeholder management skills. Strong written and oral communication skills are necessary, and also the ability to take theoretical concepts, contextualize them and provide practical and relevant advice to the business. You should have familiarity with risk assessment methodologies, and have at least a bachelor’s degree in the field of Information Security, Law with focus in ICT or highly related programs.

Understanding of cloud environments (AWS, Azure, GCP).
Experience undertaking risk assessments, controls improvement and compliance assurance, and an understanding of the Privacy Act 1988 and the Australian Privacy Principles.
Ability to communicate ideas to technical and non-technical audiences, and be highly self-motivated and directed.

Why Deloitte?
At Deloitte, we create positively differentiated work experiences that enable our people to feel valued and achieve their full potential. We value difference and embrace people with diverse backgrounds and thinking styles. Knowing that people work best in different ways, we are happy to discuss alternative arrangements if the working pattern you are looking for is not specifically indicated.