
General Information

Company: Deloitte
Business Unit: Enabling Functions
Primary Location: Zaventem
Field of interest: Technology
Industry Focus: Industry Agnostic
Recruiter: Al-Mbaidin, Kais - kalmbaidin@deloitte.com

Description of the position

Your journey with us

The IT Security Compliance officer is responsible for supporting and assisting in the management of the organization's IT compliance program. They work closely with IT teams, security professionals, and other stakeholders to ensure that the organization complies with relevant laws, regulations, industry standards, and internal policies pertaining to information security and data privacy.

Key Responsibilities:

  • Compliance Monitoring and Auditing:
    • Assist in conducting regular compliance assessments and audits to identify gaps and vulnerabilities.
    • Maintain and enhance our ISO27001 certification by supporting external and internal audit processes and driving continuous improvements in our security posture. This includes overseeing compliance with internal teams as well as ensuring that our suppliers and partners adhere to stringent information security requirements.
    • Maintain documentation of audit findings, corrective actions, and compliance reports.
  • Policy and Procedure Management:
    • Assist in the development, review, and maintenance of IT security policies and procedures.
    • Ensure that policies are communicated to all relevant personnel and that compliance is tracked.
    • Work with teams to align processes with policy requirements.
  • Risk Assessment and Mitigation:
    • Conduct risk assessments to identify security risks and vulnerabilities.
    • Collaborate in developing and implementing risk mitigation strategies and action plans.
    • Regularly monitor and report on the progress of risk mitigation efforts.
  • Vendor & Client Security Assessments:
    • Support the assessment of third-party vendors' security practices.
    • Manage the completion of client security questionnaires, due diligence requests, and RFP responses, ensuring accurate and timely delivery of compliance-related information.
    • Maintain a record of vendor compliance assessments and findings.
  • Documentation Management:
    • Establish and maintain a system for organizing and archiving compliance-related documentation.
    • Ensure that compliance records are up-to-date and readily accessible.
    • Assist in streamlining documentation processes for efficiency.
  • Compliance Reporting:
    • Assist in the preparation and submission of compliance reports to regulatory bodies or internal stakeholders.
    • Ensure compliance reporting deadlines are met.
    • Generate compliance dashboards and metrics for management review.
  • Continuous Improvement Initiatives:
    • Identify opportunities for process improvements based on audit findings and best practices.
    • Collaborate with teams to implement process enhancements.
    • Monitor and document the impact of process improvements.

Let's talk about you

  • Bachelor’s degree in Information Security, Computer Science, or a related field, or equivalent experience gained through professional work.
  • Several years of experience in information security compliance, risk management, or IT audit, ideally with direct exposure to ISO27001 certification processes and client compliance requirements.
  • You have an excellent command of English and Dutch, both written and spoken. Knowledge of French is a plus.
  • Relevant security certifications (e.g. CISM, CRISC, CISSP…) are preferred.
  • Proven experience in information security compliance and risk management.
  • Strong knowledge of ISO/IEC 27001 and practical experience maintaining certification.
  • Good understanding of governance, risk, and compliance (GRC) frameworks.
  • Excellent communication and interpersonal skills.
  • Ability to work collaboratively with cross-functional teams.
  • Experience with GRC tools (e.g. Eramba) is a plus.

Our story

Highly skilled and motivated professionals in our IT Team support different projects to deliver innovative solutions and provide specialized operational guidance to our internal clients each day. IT's mission is to embed technology which supports the 'Deloitte way' of doing business, providing a distinctive experience that enables new business, transforms the existing business and provides world-class customer support.