A&A: Consultant - Manager (GRC Specialist)

Location: Bangkok, TH

We are seeking experienced Governance, Risk and Compliance (“GRC”) professionals to join our team and provide GRC advisory and implementation services to our clients. This is a client‑facing role that requires in‑depth knowledge of GRC processes, functional and technical expertise in various GRC platforms.

As a GRC professional, you will work closely with clients to understand their business requirements, provide GRC advisory services, help configure and implement GRC solutions, conduct testing, and provide continuous maintenance and support to ensure systems are running efficiently.

• Act as a trusted advisor to our clients as well as our engagement team to provide delivery leadership
• Perform As‑Is analysis of GRC maturity and provide robust recommendation for To‑Be GRC stage by customizing with good practices for FSI industry or client industry.
• Develop / Assist and implement GRC strategies that align with the regulatory framework and business objectives of clients.
• Develop and deliver GRC policy, procedure, and training programs for clients on risk management, compliance, and governance best practices.
• Work closely with clients, business stakeholders, and technical teams to understand requirements, design solutions, and deliver successful implementations using GRC platforms.
• Conduct workshops and meetings with business stakeholders to understand their risk, compliance, business continuity management (BCM), Third Party Risk Management (TPRM) and Audit management needs.
• Translate business requirements into functional and technical specifications for GRC platform configuration.
• Assist in the design, configuration, and implementation of GRC solutions based on client requirements.
• Develop and customize GRC solutions, including workflow creation, dashboards, reporting features and integrations.
• Design powerful GRC insight dashboards for key stakeholders (e.g., top management, risk manager, risk owner, compliance team, internal audit team).
• Support User Acceptance Testing (UAT) and troubleshoot issues to ensure a smooth transition to production environments and system readiness.
• Provide ongoing support for GRC implementations, resolve issues, fine‑tune systems to meet business and compliance needs, and monitor performance to recommend optimizations for continuous improvement.
• Create and deliver comprehensive documentation for system configurations, testing, user guides, and prepare regular reports on system performance, issues, and enhancements, ensuring the resource can effectively manage and deliver GRC project deliverables.

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. Additionally, Consultant, Senior Consultant and Manager across our Firm are expected to:

• Develop diverse, high‑performing people and teams through new and meaningful development opportunities.
• Collaborate effectively to build productive relationships and networks.
• Understand and lead the execution of key objectives and priorities for internal as well as external stakeholders.
• Align your team to key objectives as well as set clear priorities and direction.
• Make informed decisions that positively impact the sustainable financial performance and enhance the quality of outcomes.
• Influence stakeholders, teams, and individuals positively – leading by example and providing equal opportunities for our people to grow, develop and succeed.
• Lead with integrity and make a strong positive impact by energising others, valuing individual differences, recognising contributions, and inspiring self‑belief.
• Deliver superior value and high‑quality results to stakeholders while driving high performance from people across Deloitte.
• Apply their understanding of disruptive trends and competitor activity to recommend changes, in line with leading practices.

• Bachelor’s degree in finance, Accounting, Information Systems, Risk Management, or related field.
• GRC Platform certifications (e.g., Archer, ServiceNow, MetricStream, Bwise, IBM Open Pages) are highly preferred.
• Relevant certifications (e.g., CPA, CFA, GRCP, CRM, CRISC, CISA, CISM) are highly preferred.
• 5+ years of extensive experience in Risk Management & Compliance, BCM, Third‑Party Risk Management and Audit Management within the banking or financial services industry.
• Hands‑on experience in implementing, configuring, and managing GRC platforms.
• Fair understanding in banking products and overall banking processes.
• Strong understanding of global and local regulatory requirements such as Bank of Thailand (BOT), MAS, ISO 27001, Basel, COSO, IIA and related financial compliance frameworks.
• Experience in GRC consulting or professional firm or project management roles is highly preferred.

• Hands on experience of GRC processes configuration and automation within GRC platforms, including but not limited to access control, workflow configuration, reporting, and dashboard creation.
• Hands‑on experience integrating GRC platform with various systems (e.g., ERP, ITSM, SAP, Oracle, JIRA) using multiple integration methods, including REST/SOAP Web Services, API‑based integrations, flat file transfers, and middleware solutions.
• In‑depth knowledge of HTML, CSS, and XML, with experience in applying these technologies for system customization.
• Experience in installation, upgrading, and maintaining infrastructure for GRC platforms, ensuring optimal performance and system stability.

• Excellent written and verbal communication skills with the ability to work effectively with both technical and non‑technical stakeholders.
• Strong client‑facing skills and ability to build and maintain client relationships.
• Excellent problem‑solving capabilities, adaptability, and critical thinking, with an analytical mindset to solve complex issues and provide strategic recommendations in GRC roles.
• Highly organized with attention to detail and the ability to manage multiple projects simultaneously.

Due to volume of applications, we regret only shortlisted candidates will be notified. Candidates will only be contacted by authorised Deloitte Recruiters via firm’s business contact number or business email address.

Requisition ID: 106944

In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.