Deloitte is a world leading professional services firm, providing accounting and auditing services, management consulting and legal and tax advice. In Belgium we are the largest professional service provider. Our offices offer services to multi-national and large organisations, public institutions and innumerable small, fast-growing companies. Thanks to a strong regional presence and our multi-disciplinary approach, we are ideally placed to meet the requirements of a wide range of public institutions and small and large companies.
Our Risk Advisory practice is a global leader in helping clients manage risk and uncertainty from the boardroom to the network. We provide a broad array of services that allow our clients around the world to better measure, manage and control risk to enhance the reliability of systems and processes throughout their organization.
As an Information Protection Senior Consultant/Manager on our Cyber Risk Services Team, you will help us give our clients visibility into how their business activities collect, use, store, and share their most sensitive data. You will build on your experience in business, information technology, and privacy to develop and operationalize business-aligned information protection programs, policies, and procedures. With your diverse background, you will need to engage and liaise with specialists from IT security, risk management, legal/compliance, privacy, HR, and marketing in order deliver comprehensive and innovative information protection solutions related to data loss prevention (DLP), data inventory creation, and business process data mapping. These solutions will help clients address a wide range of requirements and standards such as GDPR, PCI-DSS, and ISO 27001 (among others).
Specific areas of work may include:
- Collect and review business policies and procedures to understand data processing environments;
- Conduct workshops with client contacts and cyber specialists to document the current state maturity of their processes, systems, and controls;
- Design and implement Data Loss Prevention (DLP), or data governance programs;
- Drive the development of business process data flow maps and data inventories;
- Help develop remediation and transformation roadmaps to improve the maturity of client's information protection and data governance capabilities;
- Maintain and update policies & procedures to ensure practices are accurately documented;
- Create and deploy training & awareness campaigns related to cyber security and information protection;
- Support the development of new business by gathering client requirements and contributing to project proposals;
- Drive the execution of projects, manage the client expectations & relationships, and contribute to the development of the overall Cyber Risk team;
- 3-10 years of information security, data protection, and consulting experience
- Demonstrate knowledge in one or more of the following information security domains, including:
- Privacy and Data Protection
- Security Governance and Management
- Security Policies and Procedures
- Risk Management
- Experience with internal controls, risk assessments, business process and internal IT control testing or operational assessments
- Supervisory experience and demonstrated leadership capabilities (required)
- A university degree in information technology, business administration, or related field (preferred)
- CISSP, CISM, CIPP, or CISA certification (preferred)
- Prior Big 4 or other consulting experience (preferred)
- Team player with a strong focus on developing people
- Prior business development, marketing, or sales experience (preferred)
- Excellent verbal and written communication
- Willingness to perform limited travel
- A challenging, innovating and international environment with a great team spirit where personal development and growth are encouraged.
- A truly dedicated and integrated data protection & privacy leading team
- An attractive and competitive salary package with fringe benefits.
- A people focused culture with real career opportunities