Senior Consultant, Cloud Governance & Control, Risk Advisory, Open to flexible working & returners

City of Edinburgh
14 May 2021
14 Jun 2021
Consultancy, IT
Contract Type

Senior Consultant, Cloud Governance & Control, Risk Advisory, Technology & Digital Risk, Corporate and Public Sector​

Your opportunity 

The use of cloud across the Corporate and Public Sector (CPS) industry is pervasive, with many organisations adopting a ‘cloud first’ strategy.  Cloud is at the centre of digital transformation, enabling the adoption of disruptive technologies to drive cost efficiencies, innovation, new business models and an overall improvement in customer experience.  

The benefits of using the cloud are clear, but many organisations are trying to adopt and scale their use of cloud, doing so with the same risk management approaches they’ve had for the last decade - this is preventing organisations from truly realising these benefits.  

For the right candidate there is an opportunity to play a significant role in redefining how risk and control is managed in the cloud. This role provides the opportunity to support some of the world’s most recognisable organisations in their pursuit of moving fast, yet safely to the cloud through effective governance, and improving and automating controls throughout the stack.

Our Technology & Digital Risk (TDR) team of 350 UK professionals offer unrivalled depth of experience in providing governance, risk, control and assurance solutions to client needs, with focus on the Corporate and Public Sector (CPS). We design, implement and provide assurance over business process and technology controls to manage the risks our clients face on a day-to-day basis.

We encourage consideration of flexible ways of working, both formal and informal arrangements that allow for the best outcomes for our people and our clients. If this opportunity is of interest to you with some flexibility, please do discuss with us.

Are you looking to return to the workplace after an extended career break? 

For this role we can offer coaching and support designed for returners to refresh your knowledge and skills, and help your transition back into the workplace after a career break of 2 years or more. If this is relevant for you, just let your recruiter know when you make your application.

Your role

Within our team you will help support clients across the Corporate and Public Sector to understand, assess and manage the risks they face as they deliver on their digital transformation change portfolio and embed new technology and different ways of working across their businesses. 

We are looking for top performing candidates to join this dynamic and fast-growing team to help us meet the demand for cloud governance and control specialists. As a member of our Technology and Digital Risk team the types of work you will be involved in include:  

  • Advising on the risks facing organisations migrating to the cloud, typically as part of broader, digital transformations and ensuring that these are appropriately addressed
  • Defining and implementing proportionate cloud governance approaches and frameworks, in line with regulatory and compliance requirements
  • Working with Cloud Centres of Excellence, Technology and Risk functions to design and implement new approaches to embedding effective cloud governance control in the cloud adoption lifecycle
  • Design and implementation of technology enabled cloud controls, using native cloud functionality as well as third party technologies, for example supporting the implementation of ‘cloud controls as code’ 

Successful candidates will have the opportunity to work with our high-profile clients across multiple industry sectors. There will also be the opportunity to engage with multi-disciplinary teams from across our business to draw together digital specialisms into client offerings. 


  • Helping clients to migrate to the cloud at pace with control, where cloud governance is seen as a value creator rather than a blocker.
  • Delivering varied client engagements ranging from designing and implementing organisation wide cloud governance approaches, to specialist review of cloud controls relating to the adoption of specific cloud technologies and solutions.
  • Identifying opportunities to build cloud governance and control propositions, including the use of digital technologies to support this, which can be used to help deliver value to existing or new clients.
  • Building your expertise in cloud adoption, as well as broader digital technology and transformational change within the Financial Services industry to develop genuine insight for our clients, and sharing this knowledge with the wider team and externally through developed market eminence. 
  • Contributing to the development of innovative products and services that respond to market developments and the changing risk landscape of cloud. 
  • Helping to develop new business with our existing clients and building relationships with new clients. 
  • Supporting Deloitte’s commitment to creating a culture of respect and inclusion for all of our people.

Your work, your choice

At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. Please speak to your recruiter about the working pattern that works best for you.

Location: This role is ideally located in our London office but other locations will be considered. Travel to client sit's is required.

Work pattern:  This is a permanent role with a degree of flexibility. We do encourage careful consideration of agile ways of working, both formal and informal arrangements that allow for the best outcomes for our people and our clients.

Your professional experience

  • Experience of managing and delivering technology assurance engagements or in the field of risk and control in any of the three lines of defence, and familiarity with general IT controls.
  • Demonstrated ability to build effective relationships with multiple stakeholders.
  • Experience of working effectively in diverse team environment.  
  • Ability to think creatively, generate innovative ideas, challenge the status quo and deliver effectively against challenging objectives.
  • Excellent oral and written communication skills.
  • Experience or exposure to areas such as devops, agile and cyber risk assurance is desired but not essential.
  • A technology related background is desired.
  • Knowledge of the latest technology trends, and an appreciation of the risks they present.
  • Exposure to the key activities required to deliver Change across the Corporate & Public sectors
  • Experience with embedding cloud technology into new or existing governance structures. 
  • Experience with designing, embedding and assuring controls over cloud solutions and platforms.
  • Experience with assuring controls over cloud migrations.
  • A proactive mind-set, with the ability to take responsibility and drive key actions forward coupled with excellent oral and written communication skills to aid effective interaction with senior clients and stakeholders.
  • A passion for self-improvement and the motivation to help contribute to the wider team and firm. 
  • Ideally hold one of the following professional certifications: Certificate of Cloud Security Knowledge (CCSK), Certified of Cloud Security Professional (CCSP), Certificate of Cloud Auditing Knowledge (CCAK), as well as a practical understanding of technical controls across cloud environments.
  • Ideally hold at least Foundational-level certification across one or more of Amazon Web Services (AWS), Microsoft Azure and/or Google Cloud Platform (GCP).  

Your service line: Risk Advisory

In Risk Advisory, our thinking and actions give clients, our people and society the confidence to grow responsibly in a rapidly changing world. We don’t just work with our clients to manage risk, we help them understand and grab the opportunities it presents too, helping them gain a competitive advantage. Our expertise and industry knowledge run deep here. At Deloitte, you’ll find yourself working with some of the most inspiring and experienced colleagues and with clients who trust you to lead the way to smart choices, better control frameworks, and new systems, including bespoke solutions that have a direct impact on their bottom line. 

Personal independence

Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm.  The recruitment team will provide further detail as you progress through the recruitment process.

About Deloitte

Our Purpose & Strategy

To make an impact that matters for our clients, our people and society - defines who we are and what we stand for. Our purpose provides the foundation for our strategy and our aspiration to be the undisputed leader in professional services: this is not about size, it's about being the first choice. The first choice for the largest and most influential clients, and the first choice for the best talent. 

What do we do?

Deloitte offers global integrated professional services that include Audit & Assurance, Consulting, Financial Advisory, Legal, Risk Advisory and Tax Consulting. Our approach combines intellectual leadership, industrial expertise, insight, consulting & problem-solving capabilities whatever the role, technology revolutions and innovation from multiple disciplines to help our clients excel anywhere in the world.

Beyond the UK: Deloitte North and South Europe

The UK is part of Deloitte North and South Europe (NSE), the second largest member firm in the Deloitte network. Deloitte NSE combines operations in Belgium, Central Mediterranean (Italy, Greece, Malta), Ireland, the Middle East (Bahrain, Cyprus, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Oman, Palestinian Ruled Territories, Qatar, Saudi Arabia, United Arab Emirates, Yemen), the Netherlands, the Nordics (Denmark, Finland, Iceland, Norway and Sweden), Switzerland and the UK. Deloitte NSE brings together 2,700 partners and over 50,000 people, combining our unmatched breadth and depth of capabilities in audit and assurance, consulting, financial advisory, risk advisory, and tax and legal across the region. Being part of Deloitte NSE supports our aspiration to be the undisputed leader in professional services and will create more opportunity and growth for our people. 

What do we value?

What brings us all together at Deloitte? It’s how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way, serve with integrity, take care of each other, foster inclusion, and collaborate for maximum impact. These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most. 

Being a Leader at Deloitte

Cultural fit and purpose-led leadership is crucial for Deloitte. Our leaders always set the example and inspire their colleagues. They make quality time for people and take an interest in them. They know what matters to people - both inside and outside work – and value them as individuals; always finding opportunities to develop them while showing respect and appreciation.

We expect colleagues at all levels to embrace and live our purpose and our leadership culture by challenging themselves to identify issues that are most important for our clients, our people, and for society and make an impact that matters. We know leadership comes in all shapes and sizes, but our Leadership Charter helps all of our people understand what we’re looking for:

  • We live our purpose: we act as a role model, embracing and living our purpose and values, and recognising others for the impact they make
  • We develop talent: we develop high-performing people and teams through challenging and meaningful opportunities
  • We drive performance: we deliver exceptional client service; maximise results and drive high performance from people while fostering collaboration across businesses and borders
  • We believe positive influence can make an impact that matters: we influence clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
  • We move, together, towards a strategic direction: we understand key objectives for clients and Deloitte, aligning people to objectives and setting priorities and direction.


For a full job description please click 'Apply'.