Regional Security Risk Expert (CESA EU Countries)

Job Summary:

EY Global Security promotes a safe and secure working environment at EY’s offices and client sites. The Regional Security Risk Manager will play a key role in driving the implementation of Global Security policies and guidance and will develop and mature key elements of core Global Security disciplines consistent with local threats and risks. This person will work with Global Security and Regional Risk Management subject matter experts on security and risk issues.

Essential Functions of the Job:

Working with the CESA Regional Risk Leader, Country Managing Partners, and Security Risk Management for Europe West, CESA & Nordics, the role will entail involvement with, but not limited to, the following activities:

Leadership

• Leading security management with focus on the CESA region, ensuring the efficient and effective fulfilment of security tasks.
• Establishing an open and engaging working atmosphere, conductive to the fulfilment of tasks,
• Implementation of the EY Global Security Policy and the Security Risk Management directives of Europe West, CESA & Nordics.
• Drafting and reviewing plans, procedures, security reports and papers destined for a wide range of audiences.
• Provide sound security guidance and advice to countries’ leadership.
• Influencing country security resources to ensure the efficient and effective fulfilment of tasks.

Planning and Policy

• Assist in the implementation of EY’s Global Security Policy and the Security Risk Management directives of Europe West, CESA & Nordics. This will include security operations, threat and risk monitoring, crisis management and business continuity, physical security, insider threat, travel security, and executive, meeting and event protection.

Crisis Management and Business Continuity Management (Business Resilience)

• Crisis Management and Business Continuity planning and procedures must be maintained and trained at country and where applicable office location level.
• Influence regional/country risk leaders and country senior leadership to actively approach and implement crisis management and business continuity training.
• Drive continuous maintenance of local crisis management and business continuity plans.
• Plan crisis management and business continuity training/exercises.
• Act and respond to emergency and crisis situations based on the respective frameworks and plans.

Physical Security

• To safeguard people, EY operations and physical assets at EY offices or on remote locations, guide and develop existing security projects and continuously improve the state of security in close collaboration with Security risk management of Europe West, CESA & Nordics,  Country Security point of contacts and country managing partners.
• Conduct on-site Security Risk Assessments with a focus on CESA countries.
• Provide support and expertise to CESA countries and local security point of contacts on physical security matters.
• Reporting on completion status of the implementations referred to in any of the security disciplines.
• Support and participation in any cross-functional security initiatives, as applicable to the Region.

Travel Security

• Support the  Travel Security Lead for Europe West, CESA & Nordics to secure safe and secure travel for all Europe West, CESA & Nordics travelers.
• Support the Travel Approval process for High and Extreme risk countries.
• Provide appropriate security briefings and oversee security measures for High to Extreme risk travels in the Region.

Executive, Meeting and Event Protection

• Ensure and oversee the Meeting and Event Security program and assist with the protection of EY’s executives when needed.
• Initiate, assess and oversee threat and risk assessment for meetings and events.
• Occasional on-site security support at high-risk events in CESA region.

Insider Threat

• Oversee and support the implementation of the Insider Threat program.

General tasks:

• Representing EY security at meetings, and at internal and external forums as a brand ambassador.
• Constantly keep updated on country threat and security developments or developments that could have an impact on country security.
• Expand network of police and intelligence contacts, security professionals and none-security stakeholders.
• Improve the knowledge about EY security.

Analytical Responsibilities:

Individual will be responsible for collaborating within the Country Managing Partners, CESA Risk Management Leader, Security Risk Management team for Europe West, CESA & Nordics, local security points of contacts and with other functions to further strengthen EY’s security.  To accomplish this, it will be important for this role to understand the business environment, security requirements and stakeholder expectations.

Supervision Responsibilities:

Individual must be a self-starter, capable of readily managing and switching between multiple tasks and working both closely with the Europe West, CESA & Nordics Security Risk Management leader under minimal supervision. 

Given the nature of the role, flexibility in schedule is required. The role currently does not contemplate any significant direct supervision of others, however, may play a supervisory role over some internal/external Security activities.

Knowledge and Skills Requirements:

• Highly developed interpersonal skills capable of building and sustaining effective working relationships internally and externally largely by use of Teams and email.
• Desire to understand EY’s culture and to deliver a service which is both appropriate and of the highest quality.
• Excellent analytical and problem-solving skills combined with the flexibility to change priorities and respond quickly according to circumstances.
• At ease in a dynamic environment. Remains unruffled under substantial and sustained pressure.
• The tact and awareness to be able to communicate effectively at every level of the organisation.
• Innovative, highly motivated, very positive and with both the ambition and drive to succeed, and the pragmatism to develop workable solutions where EY’s unique structure requires.
• An exceptional team player.
• Willing to take ownership of any issue big or small.
• Fluent communicator (both orally and in writing).

Other Requirements:

• This position will be located in the CESA region {EU countries due to mobility & accessibility reasons}.  Some travel will be required. Remote video and communication tools will be leveraged to the extent possible/reasonable to balance travel requirements. Strong skills in written and spoken English are required.  Any other language is a plus.

Job requirements

Education:

• Bachelor’s degree in security risk management, or a minimum of 5 years of a relevant combination of practical experience and recognized security courses.

Experience:

At least 5 years’ experience in a dynamic security environment. Preferred if this has been within a large national, international, or multi-national organisation.

Certification Requirements:

A recognized security/business continuity qualification (such as ISMI, CPP, PSP, CBCI, CSyP, CBCP/MBCP) is preferred, but not mandatory.

Note: This job description is intended as a guide to reflect the principal purpose of the job.  However, it is not an all-inclusive listing of the required job responsibilities, and these may vary depending on the particular geographic location of the job and/or the manager.  Further, the job description is subject to change at the discretion of management.