Vendor Cybersecurity Risks Analysis Service Leader

The Vendor Cybersecruity Risks Analysis Service Leader will be responsible for organizing and managing a team of 25+ vendor risk analysts spread in multiple geographies ; defining, optimizing and running all necessary processes for delivering vendor risk assessment reports to member firms, providing compliance on Vendor Risk Management expectations to member firms and other DTTL teams. Specific responsibilities will include:

• Lead and manage a globally dispersed team with over 25 headcounts.
• Cultivate a collaborative and inclusive team culture with clear goals and performance metrics.
• Foster communication across different time zones and cultural contexts.
• Design and implement comprehensive strategies for vendor cyber risk assessments.
• Oversee the maintenance of 1000+ assessments and execution of 300+ new per year, ensuring timely delivery and accuracy.
• Identify key cyber risks associated with vendors and propose mitigation strategies.
• Review and approve risk evaluation reports.
• Develop frameworks for proactive risk detection, escalation, and resolution.
• Ensure adherence to internal policies, industry standards, and regulatory requirements.
• Establish and nurture strong relationships with vendors to facilitate assessment processes.
• Coordinate with the teams in charge of other vendor risks, and with legal office.
• Guide the team in leveraging advanced risk assessment tools and techniques like AI.
• Develop detailed reports and presentations for executive management, summarizing risk assessment activities and insights.
• Communicate effectively with global teams and vendors to ensure clarity and alignment.

Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.

Do you possess the following?:

• Master's degree in Cybersecurity, Information Technology, Risk Management, or related field. Advanced degree preferred.
• Strong understanding of cyber risk frameworks, standards, and regulatory environments (ISO27001, NIST).
• Excellent negotiation, communication, and interpersonal skills.
• Professional Certifications:ISO27001 LI or LA, CISA, CISM, CISSP, ITIL Service Management
• Minimum of 10 years of combined experience in the cybersecurity risk management, vendor assessment or related areas.
• At least 4 years of managerial or leadership experience.
• Proven leadership experience managing dispersed teams across multiple geographies in a large organization.
• Experience with service management, process implementation and continuous improvement

At Deloitte Global people are valued and respected for who they are - with opportunities to bring their unique perspectives, talents and passions to business challenges. Our global workspace creates room for individuality and collaboration. Ours is an inclusive, supportive, connected culture with a focus on development, flexibility, and well-being. This culture makes Deloitte Global one of the most rewarding places to work, and to transform your career.

From entry-level employees to senior leaders, we believe in investing in you, helping you identify and hone your unique strengths at every step of your career. We offer opportunities to build new skills, take on leadership opportunities, and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

At Deloitte, we value our people and offer employees a broad range of benefits. Our Total Rewards program reflects our continued commitment to lead from the front in everything we do-that's why we take pride in offering a comprehensive variety of programs and resources to support your health and well-being.

December 4, 2025