Technology Risk Senior Specialist

Position summary

As a Technology Risk Senior Specialist, you will provide qualityrisk management (QRM) and legal compliance evaluation and monitoring, as wellas related support, to the U.

S. and Global Audit & Assurance (A&A)Products and Solutions group that develops and deploys innovative technologyproducts and solutions to Deloitte’s Audit & Assurance business and itsclients.

The position is housed within the Technology Risk Management (TRM)team, reporting to the Technology Risk Manager.

Workyou’ll do :

Vendor and Contract Management

Support risk and compliance review, analysis and evaluation of U.S. and Global contracts, statements of work, purchase orders, and non-disclosure agreements.

Support the onboarding of vendors for U.S. and Global A&A technology and innovation products.

Recognize key compliance, business and legal terms to the QRM Manager and, when applicable, TRM Leader, U.S. and Global Offices of General Counsel (OGC), Audit Risk Management and other stakeholders for reviews, vendor negotiations, and approvals.

Support the Technology Risk Manager and TRM Leader in the collaboration and consultation among stakeholder groups, such as U.

S. and Global OGC, Audit Risk Management, Global Procurement, Global Cyber, Global Privacy, and Third-Party Risk Management (TPRM) Center of Excellence, and product team leadership and business sponsors.

Create and facilitate training and education on vendor management risks to U.S. and Global A&A Products and Solutions group

Support the management of inquiries from product teams regarding vendor risk management, TPRM process or submissions, and lead discussions with the TPRM Center of Excellence.

Create and collaborate on design, development and implementation of a risk-based evaluation process for Proof of Concepts for technology products deployed with or used in the development and testing of tools

Maintain a repository of executed contracts and statements of work and related summaries of key compliance, business and legal terms.

Monitor compliance of key contract business and legal terms by vendors and product teams.

Provide other support as directed by the Technology Risk Manager or TRM Leader.

Open-Source Software (OSS) Compliance

Support the legal and compliance review of OSS code and libraries, liaising closely with OGC and product teams.

Support meetings with product technical architects and OGC to license review comments.

Coordinate with the product teams in the preparation of OSS notices for each product release.

Maintain a repository of approved OSS for all products.

Conduct periodic reviews of products to confirm compliance with policies. Create and facilitate education sessions on OSS policies to product teams.

Provide other support as directed by the Technology Risk Manager or TRM team.

Other Compliance Related Activities

Terms of Use : support the preparation of revisions to terms of use for internal legal reviews for all products; obtain pertinent information and agreements that will facilitate legal reviews;

monitor placement of TOU links for all products; maintain repository of the specific TOU for each product; support meetings with internal legal and risk teams;

other related support.

Privacy Statements : maintain relevant privacy statement for A&A products and solutions through coordination with U.S.

and Global Offices of Confidentiality and Privacy; other related support.

Export Controls and Trade Compliance : coordinate with the Anti-Corruption and Trade Compliance team on specific requests regarding A&A products and solutions.

Required :

Bachelor’s degree

Preferred :

Ability to think outside the box and be agile in order to balance and achieve the overall business goals of A&A Products and Solutions while managing the significant risks for a high-volume of products and releases.

Experience with managing multiple and complex projects simultaneously and delivering results under tight, demanding deadlines while maintaining high-quality and precision.

Excellent written and verbal communication and interpersonal skills.

Ability to apply concepts of risk assessment and professional skepticism.

High level of proficiency in Microsoft Office 365 products, especially Word, PowerPoint, SharePoint, Teams, Power BI, and Excel.

Superior research skills and desire for continuous learning.

Knowledge of OSS scanning tools is a plus.

Legal or third-party risk management experience is a plus.