āļāļĩāļĨāļāļĒāļāđ āļāļđāđāļ āđāļāļĄāļąāļāļŠāļļ āđāļāļĒāļĒāļĻ āļāļģāļāļąāļ
āļāļĢāļ°āļāļēāļĻāļāļēāļāļāļĩāđāļŦāļĄāļāļāļēāļĒāļļāđāļĨāđāļ§
A&A : Senior Consultant (Third Party Risk Management/Transformation)
āļāļĩāđāļāļĩāļĨāļāļĒāļāđ āļāļđāđāļ āđāļāļĄāļąāļāļŠāļļ āđāļāļĒāļĒāļĻ āļāļģāļāļąāļA&A : Senior Consultant (Third Party Risk Management/Transformation)
Date: 4 Jan 2026
Service Line / Portfolios: Assurance
Location: Bangkok, TH
Are you ready to unleash your potential?
At Deloitte, our purpose is to make an impact that matters for our clients, our people, and the communities we serve.
We believe we have a responsibility to be a force for good, and WorldImpact is our portfolio of initiatives focused on making a tangible impact on societyâs biggest challenges and creating a better future. We strive to advise clients on how to deliver purpose-led growth and embed more equitable, inclusive as well as sustainable business practices.
Hence, we seek talented individuals driven to excel and innovate, working together to achieve our shared goals.
We are committed to creating positive work experiences that foster a culture of respect and inclusion, where diverse perspectives are celebrated, and everyone is recognised for their contributions.
Ready to unleash your potential with us? Join the winning team now!
Work You Will Do
As a GRC Technology Consultant, you will be part of our Governance, Risk, and Compliance (GRC) team, supporting the delivery of technology-enabled risk transformation projects. In this role, you will perform a functional consultant capacity by gathering business requirements, contributing to the design, implementation, and enhancement of the Third Party Risk Management (TPRM) module within our GRC platform.
You will act as a bridge between business stakeholders, risk management teams, and the system implementation team, ensuring effective design, testing, and deployment of TPRM functionalities. Your work will align with established risk management frameworks, regulatory requirements, and industry best practices to enable a robust and sustainable risk management environment.
Key Responsibilities
- Gather business and regulatory requirements from stakeholders.
- Provide advisory on Operational Risk Management to support good design of system functionality to ensure design aligning with relevant regulatory requirement and good practice.
o Third Party Risk Management Framework
o Third Party Risk Management Workflow from end to end including classification based on Bank of Thailand requirement or relevant regulation, Due Diligence & Risk Assessment, Monitoring & Ongoing, Termination & Offboarding Process, and Reporting for internal purpose and regulatory report.
o Third Party Risk Indicators
o Third Party and Vendor Inventory
o Third Party Risk and Control Inventory
o Third Party Risk Dashboard
- Translate requirements into system specifications and user stories.
- Prepare documentation including Requirement Traceability Matrix (RTM), Functional Specification Document (FSD), and process flows.
- Support design, configuration, and integration of the TPRM module within the GRC platform.
- Develop and execute test cases and UAT scripts for TPRM module.
- Support accuracy and completeness of data migration and system outputs.
- Document test results, track defects, and support resolution.
- Create training materials such as manuals, quick guides, and e-learning modules.
- Deliver user training sessions and provide adoption support.
Qualifications
- Bachelorâs or masterâs degree in business administration, Risk Management, Finance, Information Systems, or related field.
For Senior Consultant Level
- 5â8 years of experience in GRC, Internal Audit, or Risk Advisory, preferably in the financial services sector.
- Strong knowledge of ORM frameworks (COSO ORM, ISO 31000) and regulatory standards (Basel II/III, BOT including requirement for IT Third-Party and Business Partner).
- Experience with GRC platforms (RSA Archer, SAP GRC, MetricStream, or equivalent) is a plus.
- Archer Certified Administrator (Specialist/Expert), ServiceNow CIS (Risk & Compliance), or equivalent certification is a plus.
- Proficiency in business analysis, documentation, and stakeholder facilitation.
- Strong problem-solving, analytical, and communication skills.
- Professional certifications such as GRC, CISA, CRISC, CISM, CISSP are highly desirable.
Technical Skills
- Exposure to GRC/IRM platforms such as Archer, ServiceNow, or MetricStream.
- Understanding of workflows, reporting, and dashboard.
- Proficiency in Microsoft Excel and PowerPoint for analysis and reporting.
Soft Skills
- Analytical and detail-oriented mindset with the ability to work on multiple projects simultaneously.
- Strong written and verbal communication, able to engage both technical and business stakeholders.
- Team-oriented with a willingness to learn and adapt to dynamic client environments.
- Ability to work in structured consulting environments with deadlines and deliverables.
Industry Focus: FSI
Exposure to banking, asset management, digital asset, insurance, and financial services risk and compliance processes. Understanding of significant risk and compliance domain for specific industry.
Due to volume of applications, we regret only shortlisted candidates will be notified.
Please note that Deloitte will never reach out to you directly via messaging platforms to offer you employment opportunities or request for money or your personal information. Kindly apply for roles that you are interested in via this official Deloitte website.
Requisition ID: 110917
In Thailand, the services are provided by Deloitte Touche Tohmatsu Jaiyos Co., Ltd. and other related entities in Thailand ("Deloitte in Thailand"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Thailand, which is within the Deloitte Network, is the entity that is providing this Website.
āļāļąāļāļĐāļ°āļāļĩāđāļāļģāđāļāđāļ
- Risk Management
- Internal Audit
- SAP
āļāļĢāļ°āļŠāļāļāļēāļĢāļāđāļāļĩāđāļāļģāđāļāđāļ
- 5 āļāļĩ
āđāļāļīāļāđāļāļ·āļāļ
- āļŠāļēāļĄāļēāļĢāļāļāđāļāļĢāļāļāđāļāđ
āļŠāļēāļĒāļāļēāļ
- āļāļĩāđāļāļĢāļķāļāļĐāļē
- āđāļāļāļĩ / āđāļāļĩāļĒāļāđāļāļĢāđāļāļĢāļĄ
āļāļĢāļ°āđāļ āļāļāļēāļ
- āļāļēāļāļāļĢāļ°āļāļģ
āđāļāļĩāđāļĒāļ§āļāļąāļāļāļĢāļīāļĐāļąāļ
āļāļģāļāļ§āļāļāļāļąāļāļāļēāļ:100-500 āļāļ
āļāļĢāļ°āđāļ āļāļāļĢāļīāļĐāļąāļ:āļāļēāļāļāļĩāđāļāļĢāļķāļāļĐāļēāļāđāļēāļāļāļēāļĢāļāļĢāļīāļŦāļēāļĢ
āļāļĩāđāļāļąāđāļāļāļĢāļīāļĐāļąāļ:n/a
āđāļ§āđāļāđāļāļāđ:www.deloitte.com/view/en_TH/
āļāđāļāļāļąāđāļāđāļĄāļ·āđāļāļāļĩ:1939
āļāļ°āđāļāļ:4/5
"Deloitte" āđāļāđāļāđāļāļĢāļāļāđāļāļĩāđāļāļĒāļđāđāļ āļēāļĒāđāļāđāļāļąāļāļŦāļĄāļ·āđāļāļāļāļāļāļđāđāđāļāļĩāđāļĒāļ§āļāļēāļāļāđāļēāļāļāļēāļĢāļāļļāļāļīāļĻāļāļāđāļ āļāļĢāļīāļĐāļąāļ āļāļĩāđāđāļāđāļāļāļīāļŠāļĢāļ°āļāļąāđāļ§āđāļĨāļāļāļģāļāļēāļāļĢāđāļ§āļĄāļāļąāļāđāļāļ·āđāļāđāļŦāđāļāļēāļĢāļāļĢāļ§āļāļŠāļāļāđāļŦāđāļāļģāļāļĢāļķāļāļĐāļēāļāļĩāđāļāļĢāļķāļāļĐāļēāļāļēāļāļāļēāļĢāđāļāļīāļāļāļĩāđāļāļĢāļķāļāļĐāļēāļāļ§āļēāļĄāđāļŠāļĩāđāļĒāļāļ āļēāļĐāļĩāđāļĨāļ°āļāļĢāļīāļāļēāļĢāļāļĩāđāđāļāļĩāđāļĒāļ§āļāđāļāļāļāļąāļāļĨāļđāļāļāđāļēāđāļĨāļ·āļāļ āļāļĢāļīāļĐāļąāļ āđāļŦāļĨāđāļēāļāļĩāđāđāļāđāļāļŠāļĄāļēāļāļīāļāļāļāļ āļāļĢāļīāļĐāļąāļ āļāļĩāļĨāļāļĒāļāđāļāļđāđāļāđāļ āļāļģāļāļąāļ āļāļķāđāļāđāļāđāļ āļāļĢ ...
āļĢāđāļ§āļĄāļāļēāļāļāļąāļāđāļĢāļē: At Deloitte, you can have a rewarding career on every level. In addition to challenging and meaningful work, we believe in work-life harmonisation and also offer you a friendly work environment where our people take pride in their achievements, the success of others and the quality of their work. ...
āļŠāļģāļāļąāļāļāļēāļāđāļŦāļāđ: AIA Sathorn Tower, 23rd â 27th Floor 11/1 South Sathorn Road, Yannawa, Sathorn, Bangkok 10120
āļŠāļ§āļąāļŠāļāļīāļāļēāļĢ
- āļāļģāļāļēāļ 5 āļ§āļąāļ/āļŠāļąāļāļāļēāļŦāđ
āļāļģāđāļŦāļāđāļāļāļēāļāļ§āđāļēāļāļāļĩāđāļāļļāļāļāđāļēāļāļ°āļŠāļāđāļ
āļāļĩāđ WorkVenture āđāļĢāļēāđāļŦāđāļĄāļđāļĨāđāļāļīāļāđāļāļĩāđāļĒāļ§āļāļąāļāļāļĢāļīāļĐāļąāļ āļāļĩāļĨāļāļĒāļāđ āļāļđāđāļ āđāļāļĄāļąāļāļŠāļļ āđāļāļĒāļĒāļĻ āļāļģāļāļąāļ āđāļāļĒāļĄāļĩāļāđāļāļĄāļđāļĨāļāļĩāđāđāļāļĩāđāļĒāļ§āļāđāļāļ āļāļąāđāļāđāļāđāļ āļēāļāļāļĢāļĢāļĒāļēāļāļēāļĻāļāļēāļĢāļāļģāļāļēāļ āļĢāļđāļāļāđāļēāļĒāļāļāļāļāļĩāļĄāļāļēāļ āđāļāļāļāļāļķāļāļĢāļĩāļ§āļīāļ§āđāļāļīāļāļĨāļķāļāļāļāļāļāļēāļĢāļāļģāļāļēāļāļāļĩāđāļāļąāđāļ āļāļķāđāļāļāđāļāļĄāļđāļĨāļāļļāļāļāļĒāđāļēāļāļāļāļŦāļāđāļēāļāļāļāļāļĢāļīāļĐāļąāļ āļāļĩāļĨāļāļĒāļāđ āļāļđāđāļ āđāļāļĄāļąāļāļŠāļļ āđāļāļĒāļĒāļĻ āļāļģāļāļąāļ āļĄāļĩāļāļāļąāļāļāļēāļāļāļĩāđāļāļģāļĨāļąāļāļāļģāļāļēāļāļāļĩāđāļāļĢāļīāļĐāļąāļ āļāļĩāļĨāļāļĒāļāđ āļāļđāđāļ āđāļāļĄāļąāļāļŠāļļ āđāļāļĒāļĒāļĻ āļāļģāļāļąāļ āļŦāļĢāļ·āļāđāļāļĒāļāļģāļāļēāļāļāļĩāđāļāļąāđāļāļāļĢāļīāļāđ āđāļāđāļāļāļāđāļŦāđāļāđāļāļĄāļđāļĨāļāļĢāļīāļāļŠāļĄāļąāļāļĢāļāļēāļ āđāļāļ§āļŠāļĄāļąāļāļĢāļāļēāļ āļāļĢāļīāļĐāļąāļ āđāļāđāļāđāļāļāđ āļāļīāļāļīāļāļāļĨ āļāļēāļĢāđāļāđāļāļāļĢāđ āļāļģāļāļąāļāļŠāļĄāļąāļāļĢāļāļēāļ āđāļāļĄāļīāļāļīāđāļāļ°āļŠāļĄāļąāļāļĢāļāļēāļ āļĢ.āļ.āļ