A&A: Consultant - Manager (GRC / Risk Transformation - Enterprise Risk Management (ERM))

Are you ready to unleash your potential?

At Deloitte, our purpose is to make an impact that matters for our clients, our people, and the communities we serve. 

We believe we have a responsibility to be a force for good, and WorldImpact is our portfolio of initiatives focused on making a tangible impact on society’s biggest challenges and creating a better future. We strive to advise clients on how to deliver purpose-led growth and embed more equitable, inclusive as well as sustainable business practices. 

Hence, we seek talented individuals driven to excel and innovate, working together to achieve our shared goals. 

We are committed to creating positive work experiences that foster a culture of respect and inclusion, where diverse perspectives are celebrated, and everyone is recognised for their contributions.

Ready to unleash your potential with us? Join the winning team now!

Work You Will Do

As a GRC Transformation Consultant, you will lead workstreams in complex GRC transformation projects. You will act as a trusted advisor to client stakeholders, bringing deep knowledge of Enterprise Risk Management (ERM) module combined with hands-on expertise in leading GRC platforms. In this role, you will be responsible for managing project delivery, mentoring junior consultants, and ensuring solutions are aligned to client objectives and regulatory requirements. The scope includes business requirement gathering, system design, testing, training and deployment of ERM functionalities. You will also play a key role in shaping risk transformation strategies and driving adoption of GRC platforms across financial institutions.

Key Responsibilities

• Conduct session of business and regulatory requirements from stakeholders and finalise the requirements.
• Provide advisory on Enterprise Risk Management to support good design of system functionality to ensure design aligning with relevant regulatory requirement and good practice.
  • Enterprise Risk Management Framework and Matrix including risk appetite and tolerance
  • Enterprise Risk Management Workflow from end to end including identification, assessment, monitoring, escalation and reporting
  • Enterprise Risk Indicators
  • Enterprise Risk Inventory and Controls
  • Enterprise Risk Dashboard
• Translate requirements into system specifications and user stories.
• Lead the workshops with client stakeholders and solve the issues properly with good practices and knowledge sharing.
• Prepare documentation including Requirement Traceability Matrix (RTM), Functional Specification Document (FSD), and process flows.
• Support design, configuration, and integration of the ERM module within the GRC platform.
• Develop, execute and manage test cases & scripts and UAT for ERM module.
• Support accuracy and completeness of data migration and system outputs.
• Document test results, track defects, and support resolution.
• Create training materials (such as manuals, quick guides, and e-learning modules) and conduct the trainings.
• Support change management activities for ERM module to ensure effective adoption.
• Manage project delivery, budgets, risks, key stakeholders and communications with clients.
• Supervise and coach junior consultants, reviewing work products to ensure quality and consistency.
• Contribute to business development through proposals, client presentations, and thought leadership.

Your Role as a Leader

• Build and lead diverse teams, providing coaching and development opportunities to junior staff.
• Collaborate across service lines to deliver integrated solutions to clients.
• Inspire confidence and trust in clients through strong stakeholder engagement and communication.
• Drive superior outcomes by aligning project objectives with client strategic priorities.
• Demonstrate integrity, accountability, and inclusive leadership values.

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves everyday to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. In addition to living our purpose, Consultant - Managers across our Firm are expected to:

• Understand objectives for stakeholders, clients and Deloitte whilst aligning own performance to objectives and sets personal priorities.
• Develop themselves by actively seeking opportunities for growth, shares knowledge and experiences with others, and acts as a strong brand ambassador.
• Seek opportunities to challenge themselves, collaborate with others to deliver and takes accountability for results.
• Build relationships and communicates effectively in order to positively influence peers and stakeholders.
• Work effectively in diverse teams within a highly inclusive team culture where everyone is supported, respected and recognized for their contribution.

Qualifications

• Bachelor’s or Master’s degree in Business Administration, Risk Management, Finance, Information Systems, or related field.

For Consultant level :  1–3 years of experience in GRC, Enterprise Risk Management, or Risk Advisory, preferably in the financial services sector.

For Senior Consultant  and Manager level :  5–8 years of experience in GRC, Enterprise Risk Management, or Risk Advisory, preferably in the financial services sector.

• Strong knowledge of ERM frameworks (COSO ERM, ISO 31000) and regulatory standards (Basel II/III, BOT).
• Experience with GRC platforms (RSA Archer, SAP GRC, MetricStream, or equivalent) is a plus.
• Archer Certified Administrator (Specialist/Expert), ServiceNow CIS (Risk & Compliance), or equivalent certification is a plus.
• Proficiency in business analysis, documentation, and stakeholder facilitation.
• Strong problem-solving, analytical, and communication skills.
• Professional certifications such as GRC, CISA, CRISC, CISM, CISSP are highly desirable.

Technical Skills

• Exposure to GRC/IRM platforms such as Archer, ServiceNow, or MetricStream.
• Understanding of workflows, reporting, and dashboard.
• Proficiency in Microsoft Excel and PowerPoint for analysis and reporting.

Soft Skills

• Analytical and detail-oriented mindset with the ability to work on multiple projects simultaneously.
• Strong written and verbal communication, able to engage both technical and business stakeholders.
• Team-oriented with a willingness to learn and adapt to dynamic client environments.
• Ability to work in structured consulting environments with deadlines and deliverables.

Industry Focus: FSI

Exposure to banking, asset management, digital asset, insurance, and financial services risk and compliance processes. Understanding of significant risk and compliance domain for specific industry.

Due to volume of applications, we regret only shortlisted candidates will be notified.

Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via this official Deloitte website.