Audit and Assurance Technology Controls - IT Controls Specialist


Deloitte leads with purpose, solving complex issues for our clients and communities. Across disciplines and across borders, Deloitte Global supports our network of member firms by developing and driving global strategy, programs, and platforms, and creating new solutions and transformational experiences. Our people share a passion for igniting change and a strong service orientation that shapes our organization and those it supports.

Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with premier thought leaders in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture?

Do you have experience in risk management and controls? Are you tech savvy? Do you have experience with data analytics and technology fueled by artificial intelligence and/or RPA? Are you ready to bring these worlds together?

Want to make an impact that matters? Consider Deloitte Global.

At Deloitte, we help bring client data to life to enhance the risk assessment process, reveal unexpected patterns and outliers and offer insights. The business world is complex and ever changing and, as a result, Deloitte is helping to redefine audit by infusing our approach with cutting-edge technologies, data analytics and visualizations, and transformative audit delivery models. Lead audit into the future by helping deliver a more dynamic picture to our clients that provides meaningful insights, empowers decision-making, and informs tomorrow's success.

Work you'll do

This position is housed within the Technology Risk Management (TRM) team of the Global Audit & Assurance (A&A) Products and Solutions group that develops and deploys innovative technology products and solutions to Deloitte's A&A business and its clients. As an Information Technology (IT) Controls Specialist - Senior, you will be responsible for testing and monitoring risk and control considerations over technology solutions in multiple IT environments and cloud hosting locations at all stages of application design, development and deployment related to our innovative products and solutions.

Under the guidance and supervision of an IT Controls Manager or Senior Manager, you will drive quality as part of the software development lifecycle (SDLC) using established risk and control frameworks (such as SOX, COBIT, SOC/ISAE, ISO/NIST, etc.) to ensure that development, hosting, deployment and other risk decisions comply with existing firm policies, professional standards, laws and regulations, and other internal and external requirements.

You will assist with the creation of consultation memos resulting from subject matter expert or stakeholder collaboration and coordinate the centralized software review and certification process with Deloitte's National Office. You will collaborate with various groups (e.g., internal IT organization, Deloitte's vendors and IT service providers) and will be required to understand their roles and responsibilities in the overall IT control structure. Further, you will prepare and/or validate IT control-related aspects of product risk assessments and confidential information management plans, as well as assist other TRM team members with reviewing functional and nonfunctional requirements (i.e., user stories and acceptance criteria) and testing scripts to ensure alignment with controls requirements.

You will also conduct compliance procedures within the Deloitte Global technical certification framework for global and regional development hubs. As part of our Global technical certification framework initiative, you will be responsible for understanding the organization's development processes, assessing them against the pre-established framework. In addition, you will continually evaluate the technical certification framework for relevance to existing technologies and process efficiencies and influence adjustments, as needed.

What you'll be part of - our Deloitte Global Culture:

At Deloitte, we expect results. Incredible-tangible-results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and lead global strategies and provide programs and services that unite our network. 

In Deloitte Global, everyone has an opportunity to lead. We see the importance of your perspective and your ability to create value. We want you to fit in-with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out-with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark.

Deloitte Global supports our talented professionals in answering the question: What impact will you make?

How you'll grow:

Deloitte Global inspires leaders at every level. We believe in investing in you, helping you embrace leadership opportunities at every step of your career, and helping you identify and hone your unique strengths. We encourage you to grow by providing formal and informal development programs, coaching and mentoring, and on-the-job challenges. We want you to ask questions, take chances, and explore the possible.

Benefits you'll receive:

Deloitte's Total Rewards program reflects our continued commitment to lead from the front in everything we do - that's why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being needs. We provide the benefits, competitive compensation, and recognition to help sustain your efforts in making an impact that matters.

Corporate Citizenship:

Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with our clients, our people, and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities.

  • Bachelor's degree in Computer Engineering, Management Information Systems, or other related degree.
  • Minimum of 1-2 years of experience in high-performing technology risk organization, or technology risk management professional with experience working in large, complex technology environments, or internal audit experience on clients or companies that are subject to regulatory compliance.
  • Working knowledge of general Information Technology controls (GITC) across multiple IT platforms, including, but not limited to Windows and UNIX/Linux operating systems, SQL server, MongoDB, PostgreSQL, and MySQL databases. 
  • Basic understanding and working knowledge of SOC 1, SOC 2 or ISAE 3402 methodologies.
  • Basic understanding of SDLC in a scaled agile development framework (SAFe).
  • Understanding of cloud computing concepts, including PaaS/IaaS services and SaaS offerings, as they relate to hosting environments (such as Microsoft Azure and Amazon Web Services) and their related controls.
  • Proficiency in Microsoft Office 365 products, especially Word, PowerPoint, SharePoint, Teams, Power BI and Excel.
  • Strong project management skills to keep multiple projects organized and deliver results under tight, demanding deadlines for a high-volume of products and releases while maintaining high-quality and precision.
  • Think strategically about products by gaining thorough understanding of products and processes.
  • Strong conflict management

Other Qualifications:

  • Ability to apply technical audit knowledge to new scenarios.
  • Experience with Microsoft Azure DevOps.
  • Experience with Microsoft Azure hosting environment.
  • Experience with HIPAA, GDPR or other privacy regulations or laws.
  • Familiarity with data analytics and/or technology fueled by machine learning/AI or RPA.
  • ISO/NIST framework knowledge, security analysis experience on ERPs, and identity and access management experience. 
Salary Range
$75,000.00 - 108,000.00
per Year
Salary range estimated by
Glen Mills, PA 19342, US
Apply Now