Birmingham, AL, United States
May 01, 2023
Senior Risk & Compliance Analyst - Technology Controls
Work You Will Do:
This position provides quality risk management (QRM) and legal compliance evaluation and monitoring, as well as related support, to the U.S. and Global Audit & Assurance (A&A) Products and Solutions group that develops and deploys innovative technology products and solutions to Deloitte's Audit & Assurance business and its clients. The position is part of the Technology Risk Management (TRM) team, reporting to the Technology Risk Management Team. This role will:
Vendor and Contract Management
Perform risk and compliance reviews, analyses and evaluations of U.S. and Global contracts, statements of work, purchase orders, and non-disclosure agreements.
Support the onboarding of vendors for U.S. and Global A&A technology and innovation products.
Recognize key risk, compliance, business and legal terms and provide related analyses to the QRM Management Team and, when applicable, to the TRM Leader, U.S. and Global Offices of General Counsel (OGC), Audit Risk Management and other stakeholders for reviews, vendor negotiations, and approvals.
Support the Technology Risk Management Team and TRM Leader in the collaboration and consultation among stakeholder groups, such as U.S. and Global OGC, Audit Risk Management, Global Procurement, Global Cyber, Global Privacy, and Third-Party Risk Management (TPRM) Center of Excellence, and product team leadership and business sponsors.
Create and facilitate training and education on vendor management risks to U.S. and Global A&A Products and Solutions group.
Support the management of inquiries from product teams regarding vendor risk management, TPRM process or submissions, and lead discussions with the TPRM Center of Excellence.
Create and collaborate on design, development and implementation of a risk-based evaluation process for Proof of Concepts for technology products deployed with or used in the development and testing of tools.
Maintain a repository of executed contracts and statements of work and related summaries of key compliance, business and legal terms.
Monitor compliance of key contract business and legal terms by vendors and product teams.
Provide other support as directed by the Technology Risk Management Team or TRM Leader.
Open-Source Software (OSS) Compliance
Perform the legal and compliance review of OSS code and libraries, liaising closely with OGC and product teams.
Support meetings with product technical architects and OGC to license review comments.
Coordinate with the product teams in the preparation of OSS notices for each product release.
Maintain a repository of approved OSS for all products.
Conduct periodic reviews of products to confirm compliance with policies.
Create and facilitate education sessions on OSS policies to product teams.
Provide other support as directed by the Technology Risk Management Team or TRM team.
Other Compliance Related Activities
Export Controls and Trade Compliance: coordinate with the Anti-Corruption and Trade Compliance team on specific requests regarding A&A products and solutions.
Bachelor's degree or 3 years of experience as a paralegal.
3 years of related experience
Ability to think creatively and be agile to balance and achieve the overall business goals of A&A Products and Solutions while managing the significant risks for a high volume of products and releases.
Experience with managing multiple and complex projects simultaneously, while delivering results under tight, demanding deadlines and maintaining high quality and precision.
Excellent written and verbal communication and interpersonal skills and an eye for detail.
Ability to apply concepts of risk assessment and professional skepticism.