The value created by Risk Advisory for organisations is a synonym for operational excellence. In Risk Advisory we provide services to Top Tier clients and understand business process, application and IT controls. We maximise the performance of internal business operations by identifying, forecasting, solving and mitigating immediate threats and obstacles while increasing the value of the operations. We take part in projects where we advise our clients in the areas of risk management (financial and non-financial risks) and implementation of regulations.
You will work with senior client stakeholders to help them better manage their technology risks through pragmatic and fit for purpose solutions
You will communicate with client representatives and help them set up their processes, prepare them for a new regulation or implement risk management solutions
You will contribute to streamlining and innovating our technology risk service offerings
You will analyse how the organisation, processes and IT systems work
You will perform reviews and analyses, audit organisations, IT processes and IT systems against regulations, standards and good practices such as COBIT and ITIL
You will evaluate processes, risks, controls and clients’ environment
You might work on several projects concurrently, with projects lasting from a couple of weeks to several months
You will facilitate meetings, interview clients, validate findings and obtain agreements
Work independently as well as in a team
You will also cooperate on delivering projects with various Deloitte experts (IT, data analysts, actuaries, lawyers, tax experts, etc.)
You will cooperate with experienced colleagues who will be your mentors and help you move forward in your career.
Preferred skills/knowledge/abilities
Knowledge of IT environments and processes
Experience in IT security audits, IT security controls assessment, IT General Controls audits, IT automated controls audits, IT process optimization, internal auditing, internal controls set-up, business processes reviews
Ability to:
o Evaluate and test internal controls and apply a risk-based audit approach
o Assess systems and supporting controls for compliance with laws, regulations, frameworks, company policies and business needs
o Recommend control improvements to mitigate key risks
Familiarity with COSO, COBIT, ITIL and/or NIST
Expertise in SOX, ISAE, SOC2 and/or GDPR
Understanding of IT governance, risk management, information security and application controls
Project management and organizational skills
Professional certifications such as CISA, CISSP, CISM, CRISC
Varied work in the Czech Republic and abroad
Possibility of career growth
Flexible working hours
Support for professional development (mentoring, specialised training, certification, etc.)
Benefit package (sick leave, 5 weeks of vacation, company smart phone, laptop, travel insurance, interesting company events during the year)