Cybersecurity Compliance Manager

Deloitte delivers specialized services with expertise in audit, legal services, financial advisory, risk analysis, and consulting. With over 450,000 colleagues supporting us, we view the world from various perspectives and create value across borders, industries, expertise, insights, and generations. Using this knowledge, we help prepare our clients for tomorrow's challenges. Together, we create results.

The team: You will be part of the Nordic CISO Team and will be working out of the Norwegian Head office in Oslo, with an option to work from home when required. You will be part of a fun and collaborative cross-functional team with extensive experience that are truly passionate about our work in securing Deloitte and our clients. We are a team of 9 employees, spread across the Nordic countries. We cover areas such as Governance, Risk and Compliance, Security Architecture, Cybersecurity Assurance and Operations. Your responsibility will be our Cybersecurity Compliance area. 

As a Cybersecurity Compliance Manager, your main task will be to ensure continuous oversight of defined controls related to cyber and information security. The role will involve identifying, evaluating, and interpreting applicable regulatory, statutory, and Deloitte-specific requirements for information security, identifying control deficiencies and associated risks.

Cybersecurity Compliance Manager:

In this position, you will participate in audits, follow up on recommendations from auditors, and communicate status and recommendations to management. You will liaise with Global and Nordic security teams to keep abreast of new initiatives and changes to policies and standard, as well as manage policy exception requests and liaise with teams to complete supporting risk assessments, some specific responsibilities can be (but not limited to):

• Work across the CISO function and other control functions in the firm
• Maintain our compliance registry and plan and perform systematic testing of the baseline control set
• Track organizational compliance against our Member Firm Standards for security and mandated security frameworks and policy requirements
• Support ongoing maintenance of the firm’s ISO 27001 and other relevant certifications
• Ensure alignment with the firm’s cyber strategy framework
• Assist with internal and external audit requests for the purposes on reporting on the status of key security controls
• Produce management reporting for submission to the firm’s security governance and risk committees

Who are we looking for?

We do believe that you have some experience from working in a Cybersecurity function, and that you have a solid and practical experience in auditing, information security, or risk-related roles. You might also have:

• Certification in CISA, CISM, CISSP, CRISC or Lead Auditor 27001
• Experience from high level matrix organization
• Relevant education, BSc or MSc

You must be fluent in English. We believe you have good communication skills, both verbal and written.

Why Deloitte?

We have a large and varied set of offerings and benefits for our employees. What we are most proud of is the focus we have on our people. Here are some of the things our colleagues say they appreciate most as employees of Deloitte:

• The people – "No sharp elbows, and everyone is equally important, whether you're a graduate or a partner – you feel seen and valued as a person and colleague."
• Co-determination in your own development – "Your role develops with you through guidance from your own coach that helps you identify and exploit your own strengths, and creates space to develop as a leader."
• Continuous development – "Variation in tasks, assignments and customers always brings new challenges, but in a safe environment around genuinely supportive and helpful colleagues"
• Maternity- /parental leave – "Leave sponsor, free midwifery classes and maternity reunions? Yes please! With a new boss at home, it is especially important to have a workplace that facilitates well for the time outside the office."
• The cohesion of the team – "You love the people you work with and make good friends at work."
• Attention on work-life balance – "Your needs are well met. For example, there is good communication and resolution between the desired overtime and actual overtime."

There is a variety of tasks and client engagements lined up waiting for the right people to perform them.

Next steps 

We would like to receive your CV and relevant documents by 24.11.2024 Please note that we will contact relevant candidates on an ongoing basis. Instead of a traditional cover letter, we would like you to answer these questions instead:

1. Describe your competence: What qualities and skills do you have that you believe are important to succeed in this role?
2.  
3. Describe your motivation: What is the main reason you want this role?

All applications are read, and we look forward to reading YOURS!

If you have any questions regarding the position, you are welcome to contact:

• Kristin Ekornes Strøm, Director, e-mail: krstrom@deloitte.no

For questions about the application process, please contact: Moren Vigen Kolek, e-mail: mkolek@deloitte.no.

Du får muligheten til å jobbe i et selskap som hjelper andre aktører med sin grønne omstilling, samtidig som vi arbeider målrettet med egne ambisjoner innenfor både klima og miljø og samfunnsansvar. Som ansatt i Deloitte integreres bærekraft i arbeidshverdagen, og du får anledning til å bidra i ulike prosjekter og initiativer knyttet til dette.

Som samfunnsaktør, arbeidsgiver og tjenesteleverandør har Deloitte et stort fokus på mangfold og inkludering. Vi ser at ulike perspektiver fremmer nytenkning, gir dypere innsikt og bedre beslutninger, og ikke minst mobiliserer potensialet til medarbeiderne våre! Vi ønsker derfor et stort mangfold blant søkere.