Search all career opportunities

Senior Manager, Security Policies and Standards Exception Management, Deloitte Global Cyber

Apply now

Apply for Job

Date Posted: Jan 4, 2020

Reference Code: 46441-en_US

Enjoy flexible, proactive, and practical benefits that foster a culture of well-being and connectedness. 
Experience a firm where wellness matters.
Be expected to share your ideas and to make them a reality.



The position reports to the Security Policies and Standards Director.  The role should meet the objectives and mission of the Cybersecurity organization with a primary focus on leading the team responsible for reviewing and making recommendations on security policy and standards exception requests.


What will your typical day look like?


As part of the Global Cybersecurity team, this professional will have the following responsibilities:


  • Lead development of security policies and standards exception management process
  • Set future direction and lead continuous improvement of security policies and standards exception management process
  • Support the development of security policies and standards exception management automation and tooling and continued enhancement



  • Lead the formation and management of Security Policies and Standards Exception Management team
  • Prioritize and assign exception requests to team members
  • Oversee timely and quality performance of exception evaluations, recommendations, and reports
  • Present exception recommendations to senior cybersecurity, risk, and technology leadership
  • Establish and report on exception management performance metrics


Relationship Management

  • Develop and maintain relationships with senior cybersecurity, technology, legal, and risk leaders within DTTL and its member firms
  • Develop and maintain relationships with primary exceptions management leaders in member firms
  • Lead security policies and standards exception management working group and participate in cybersecurity and risk working groups as required


About the team


Deloitte leads with purpose, solving complex issues for our clients and communities. Across disciplines and across borders, Deloitte Touche Tohmatsu Limited (DTTL) Global supports our network of national member firms by developing and driving global strategy, programs, and platforms, and creating new solutions and transformational experiences. Our people share a passion for igniting change and a strong service orientation that shapes our organization and those it supports.

The Deloitte Global Cybersecurity function is responsible for the firm’s overall objectives of enhancing data protection, standardizing and securing critical infrastructure and gaining cyber visibility through security operations centers. The Cybersecurity organization delivers a comprehensive set of cybersecurity services to Deloitte member firms through regional delivery hubs and a Global Fusion Center. We are seeking a Senior Manager, Security Policies and Standard Exception Management to join the team.


Enough about us, let’s talk about you


You are someone with:

  • Bachelor’s degree: degree in business administration, a technology-related field, or equivalent education-related experience
  • Minimum of 10 years of combined experience in the Information Security / Cybersecurity domain with a focus on cybersecurity governance and risk management
  • At least five years’ experience holding a management and leadership role
  • At least three years’ experience in leading a team responsible for security policies and standards exception management
  • Experience with ServiceNow, Archer, or other exceptions management tools is preferable
  • Experience in building an exception management process and seeing it grow from an immature state to a mature state is preferable
  • Professional security management certification desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels
  • Strong leadership and management skills with ability to manage a global team
  • Sound knowledge of business management and an expert knowledge of information / cybersecurity risk management and governance
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT, and NIST, including 800-53 and the Cybersecurity Framework
  • Experience interacting, presenting and working with C-level executives (CEO, CIO, etc.)
  • Ability to travel as needed up to 20%


Why Deloitte?

Launch your career with The One Firm where you can make an impact that matters in a way that you never thought possible. With endless opportunities at every turn, and a culture built to support and develop our people to be the very best they can be, Deloitte is The One Firm for you to learn, grow, create, connect, and lead. We do this by making three commitments to you:

  • You will lead at every level: We grow the world’s best leaders so you can achieve the impact you seek, faster.
  • You can work your way: We give you the means to be flexible in how you need and want to work, and we have innovative spaces, arrangements and the mindset to help you be wildly successful.
  • You will feel included and inspired: We create a deep sense of belonging where you can bring your whole self to work.

The next step is yours

Sound like The One Firm. For You?

At Deloitte we are all about doing business inclusively – that starts with having a diverse colleagues of all abilities!  We encourage you to connect with us at if you require an accommodation in the recruitment process, or need this job posting in an alternative format. We’d love to hear from you!

By applying to this job you will be assessed against the Deloitte Global Talent Standards. We’ve designed these standards to provide our clients with a consistent and exceptional Deloitte experience globally.

Apply now

Apply for Job