At Deloitte, our Purpose is to make an impact that matters. We exist to inspire and help our people, organizations, communities, and countries to thrive by building a better future.
Our work underpins a prosperous society where people can find meaning and opportunity. It builds consumer and business confidence, empowers organizations to find imaginative ways of deploying capital, enables fair, trusted, and functioning social and economic institutions, and allows our friends, families, and communities to enjoy the quality of life that comes with a sustainable future.
The Cybersecurity Controls Testing Analyst will be responsible for the following:
- Support the planning, execution, and reporting of cybersecurity compliance testing across DTTL shared services.
- Perform control testing activities to assess compliance against Deloitte’s internal cybersecurity standards, including evidence collection, validation, and documentation.
- Identify, track, and report control gaps, risks, and non-compliance issues to stakeholders, and assist in developing remediation recommendations.
- Collaborate with global shared service teams, cyber risk specialists, and other enabling functions to ensure consistent application of compliance requirements.
- Assist in developing standardized testing methodologies, templates, and reporting mechanisms to enhance efficiency and transparency of the program.
- Support the preparation of updates and presentations for senior leadership on testing outcomes, trends, and areas requiring attention.
- Contribute to the development of key performance indicators (KPIs) and dashboards to monitor compliance program progress and effectiveness.
- Stay current on cybersecurity trends, regulatory developments, and industry best practices to inform testing and risk management activities.
- Help promote a culture of controls compliance within Global enabling function teams.
Qualifications
Do you possess the following?
- Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, Engineering, or a related field.
- Relevant certifications such as ISO 27001 Lead Auditor, CISA, CRISC, Security+, or similar are desirable.
- 3–5 years of professional experience in information security, IT risk management, compliance, or related roles.
- Experience conducting compliance testing, audits, or assessments against internal standards, ISO 27001, NIST, or similar frameworks.
- Strong understanding of cybersecurity controls such as identity & access management, vulnerability management, data protection, and incident management.
- Experience working in a large, global, matrixed organization is an advantage.
- Solid knowledge of risk and compliance methodologies and cybersecurity fundamentals.
- Strong analytical, problem-solving, and critical thinking skills.
- Excellent written and verbal communication skills, with the ability to summarize complex technical information for diverse stakeholders.
- Strong organizational skills with the ability to manage multiple priorities in a fast-paced environment.
- Collaborative mindset and ability to work effectively across global teams and cultures.
- Proficiency with tools such as ServiceNow, GRC platforms, or compliance testing tools is a plus.
Total Rewards
The salary range for this position is $69,000 - $114,000, and individuals may be eligible to participate in our bonus program. Deloitte is fair and competitive when it comes to the salaries of our people.
Deloitte encourages applications from all qualified candidates who represent the full diversity of communities across Canada. This includes, but is not limited to, people with disabilities, candidates from Indigenous communities, and candidates from the Black community, in support of living our values, creating a culture of Diversity, Equity and Inclusion, and our commitment to our AccessAbility Action Plan, Reconciliation Action Plan and the BlackNorth Initiative.