Associate/Senior Associate - Cyber Data Privacy and Protection

Title: Service Line (based in ) – Associate/Senior Associate - Cyber Data Privacy and Protection

Are you ready to unleash your potential?

At Deloitte, our purpose is to make an impact that matters for our clients, our people, and the communities we serve.

We believe we have a responsibility to be a force for good, and WorldImpact is our portfolio of initiatives focused on making a tangible impact on society’s biggest challenges and creating a better future. We strive to advise clients on how to deliver purpose-led growth and embed more equitable, inclusive as well as sustainable business practices.

Hence, we seek talented individuals driven to excel and innovate, working together to achieve our shared goals.

We are committed to creating positive work experiences that foster a culture of respect and inclusion, where diverse perspectives are celebrated, and everyone is recognised for their contributions.

Ready to unleash your potential with us? Join the winning team now!
 

Are you interested in improving the cyber and privacy risk profiles of leading companies? If your response is yes, consider joining Deloitte Konsultan Indonesia's growing data privacy and protection practice. Our data privacy and protection specialists assist our clients with the design and implementation of holistic privacy and protection programs, including people, process, and technology capabilities.

Work you’ll do

• Enable clients to understand the impact of privacy laws, regulations, and standards/trends across their organization and develop strategies to enhance their privacy program maturity.
• Assist in the development of privacy program governance components (e.g., policies, procedures, standards, frameworks, training, notices) for complex global clients across industries.
• Assist clients with understanding how privacy technologies can serve as an enabler for privacy program operations and assist with the deployment of leading privacy technologies.
• Assist clients in designing, deploying, and managing technology and process solutions to reduce the potential for data compromise.
• Assist clients with developing technical requirements, evaluating vendor solutions, developing architecture & design, and testing of data protection and data security solutions
• Advise clients in understanding the future state problems and challenges in cyber security and work collaboratively with them to enhance capabilities
• Coordinate with diverse groups of client stakeholders to meet their unique needs in fast-paced environments
• Understanding of the entire ecosystem of data protection including well-rounded understanding of the information security domains and their inter-relations across that ecosystem.
• Support the privacy practice in market expansion and revenue growth YoY

Your role as a leader

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Associates / Analysts / Consultants across our Firm are expected to:

• Demonstrate a strong commitment to personal learning and development.
• Understand how our daily work contributes to the priorities of the team and business.
• Understand the set expectations and demonstrate accountability in keeping personal performance on track.
• Actively focus on developing effective communications and relationship-building skills with stakeholders, clients and team.
• Demonstrate an appreciation for working with others.
• Understand what is fundamental to Deloitte’s success as a business.
• Demonstrate integrity and an awareness of strengths, differences, and personal impact.
• Develop their understanding of Deloitte and offer a fresh perspective.

Requirements

Required

• 2 + years of experience in assessing, designing, building, and implementing privacy programs (for senior associates)
• 2+ years demonstrated ability to translate business, risk and regulatory requirements into data protection solutions and to effectively communicate those solutions to business leaders and executives (for senior associates)
• Strong knowledge and awareness of domestic and global privacy laws, regulations, and standards such as the UU ITE, PP71/2019, Perkominfo No 20/2016, GDPR, ISO 27701, NIST Privacy Framework
• Experience in facilitating privacy stakeholder interviews and working sessions
• Demonstrated ability to build stakeholder relationships and excellent communication skills
• Excellent communication skills and fluency in written and spoken English

Preferred

• Demonstrated experience in designing and implementing technology and process solutions to reduce the potential risk of data compromise
• Certifications in one or more of the following: CIPP, CIPM, CIPT, FIP, CDPSE, CISM, CISSP
• Experience with Privacy Management technology, e.g., OneTrust, Security, BigID, TrustArc, etc.
• 2 + years of experience in developing, implementing, and/or operating one or more of the privacy program components such as:
  • Organization and operating model
  • Privacy requirements and control frameworks
  • Privacy metrics and reporting procedures
  • Record of processing activities/data inventory
  • Privacy policies, notices, contracts and clauses
  • Individual / data subject rights
  • Consent, preference, and cookies management
  • Third-party privacy risk management
  • Cross-border data transfer mechanisms (e.g., binding corporate rules, model contracts)
  • Privacy by design/default and data privacy impact assessments
  • Privacy training and awareness
  • Privacy incident response
• Hands-on experience working with a few of the following data protection technologies:
  • Data Loss Prevention (DLP) technology (e.g. Symantec DLP, Forcepoint DLP, McAfee DLP, CoSoSys, Digital Guardian)
  • Endpoint Protection and Endpoint Detection and Response technology (e.g. Crowdstrike Falcon, Cylance Protect/Optics, Microsoft Defender, VMware Carbonblack etc.)
  • Cloud Access Security Broker (CASB) technology (e.g Netscope CASB,Forcepoint CASB, McAfee CASB, Microsoft MCAS etc)
  • Secure Web Gateways and DNS Security technology (e.g. Zscaler Internet Access, Broadcom Web Security, Netskope Secure Web Gateway, Cisco Umbrella OpenDNS etc.)
  • Data Discovery, Retention and Destruction technologies (e.g. Symantec Network Discovery, Veritas Data Insight, Varonis Suite etc)
  • Data Classification and Rights Management technology (e.g. Microsoft Azure Information Protection, Boldonjames Data Classification, Titus Classification Suite etc)
  • Key and Certificate Lifecycle Management technology  (e.g Venafi Trust Protection, Vormetric Key Management etc.)
  • Public Key Infrastructure technologies (e.g. Digicert, Entrust, Verisign, RSA Security etc)
  • Data Access Governance technology (e.g. Varonis, BigID, Optiv, Netwrix, etc.)
  • Database Encryption technologies (e.g. CipherTrust, Vormetric Transparent Encryption, IBM Guardium, Fortanix etc)
• Familiarity with consumer identity and access management concepts and solutions such as ForgeRock, SAP CDC, Okta, certification a plus
• Familiarity with cloud technologies such as AWS, MS Azure, and GCP; certification a plus
• Strong awareness of ongoing and recent developments across the privacy landscape

Due to volume of applications, we regret only shortlisted candidates will be notified. Candidates will only be contacted by authorized Deloitte Recruiters via firm’s business contact number or business email address.