IT Risk Management and SOC2 Manager

Description

The IT risk management team specializes in identifying and mitigating technological risks, developing solutions, and enhancing organizational systems and processes to prevent potential business impact. Leveraging local experts with global experience in complex projects, unique methodologies, and advanced technological tools, the team partners with leading companies across technology, industry, and finance. Our projects span collaborations with Deloitte US and the largest organizations in Israel, including major banks and top technology companies traded in the US.

Role Overview

As a Manager in the TPA practice, you will lead and oversee multiple client engagements from initiation through to the reports. You will be responsible for managing project timelines, budgets, and team members, ensuring high-quality deliverables and client satisfaction. Your role will include:

Managing end-to-end IT risk management and assurance engagements, including planning, execution, and reporting.
Overseeing the delivery of Information Security and IT Governance Risk and Compliance (GRC) services.
Leading SOC2 and SOC1 audits, information systems risk assessments, cyber risk surveys, and both external and internal IT audits.
Consulting on and testing automated controls within business processes and organizational systems, and establishing methodologies for IT risk management in cloud and digital environments.
Advising clients on authorization processes and segregation of duties (SoD) in information systems and business operations.
Managing and mentoring team members, allocating resources, and monitoring engagement hours to ensure projects are delivered on time and within budget.
Serving as the primary point of contact for clients, maintaining strong relationships and ensuring their needs are met throughout the engagement lifecycle.

Requirements
Bachelor’s degree – mandatory
5+ years of experience in Information Security, GRC, SOC2/ISO27001, or related fields, with at least 2 years in a managerial or supervisory role
Proven experience managing multiple projects, teams, and budgets simultaneously
High level of English – mandatory
Strong knowledge of security compliance standards (SOC2, SOC1, FedRAMP, CJIS, GDPR, NIST 800-53, etc.) – advantage

**We at Deloitte believe that diversity and inclusion among our people is a critical element in our success and therefore we foster an organizational culture that includes and embraces diversity in all its forms

Share this job