Region Security Manager

Application deadline date has been passed for this Job.
This job has been Expired
Full Time
  • Post Date: June 27, 2016
  • Offerd Salary Negotiable
  • Career Level Manager
  • Experience 5 Years
  • Gender Male
  • INDUSTRY Others
  • Qualification Bachelor Degree
Job Description
Region Security Manager  DUB002FW
Reports to:
1.         Regional Managing Partner
2.         Global Security           
Job Summary:
EY Global Security promotes a safe and secure working environment at EY’s offices and client sites. The Region Security Manager will play a key role in driving the regional implementation of Global Security policies and guidance and will develop and mature key elements of core Global Security disciplines consistent with local threats and risks. This person will work with Region Leadership, Global Security and Global Risk Management subject matter experts on security and risk issues.
Essential Functions of the Job:
Working with the Region Managing Partner, Region Risk Management Leader and Global Security, the role will entail involvement with, but not limited to, the following activities:
Planning and Policy
To understand and assist in the implementation of EY’s Global Security Policy. This will include security operations, threat and risk monitoring, business continuity management (emergency preparedness and response planning, business continuity planning), physical security, asset protection (insider threat), travel security, and executive and meeting protection.
Business Continuity Management (BCM)
Emergency response plan and procedures must be developed at office location level and must include at a minimum:
  • Assigned crisis management team (CMT) and alternates, with agreed responsibilities
  • Notification and escalation tool and procedures (including full implementation of EY’s mass notification tool)
  • Published list of immediate and subsequent actions to manage an emergency
  • Procedures for communicating in advance of, during, and after an emergency to EY people and families, clients, stakeholders, media
  • Greater specificity of planning and strength of resilience, where there is elevated threat and/or risk exposure
  • Coordination with landlord’s and local emergency responders’ plans
  • Annual training and exercise to prepare the CMT to respond effectively to a crisis situation (including test of the mass notification tool, once implemented)
  • Annual plan maintenance process to routinely update plans to reflect the changes in staffing and logistics
Business continuity plans and procedures must be developed on an office, country or Region level (as appropriate for the geographical size under consideration – scope of plans should be devised in coordination with Global Security) and must include at a minimum:
  • Assigned Business Continuity Plan (BCP) management team, and alternates with agreed upon responsibilities
  • Notification and escalation procedures
  • Process for identifying critical functions and requirements through a business impact analysis
  • Process for prioritizing clients and client service commitments/responsibilities
  • Published list of immediate and subsequent actions to manage a business interruption
  • Arrangements and recovery procedures to meet critical requirements in established timescales
  • Development of and reference to or inclusion of the pandemic plan and any related infectious disease plan(s)
  • Confirmation of business continuity plans in place, meeting EY’s recovery requirements, with critical local suppliers and service providers
  • A method for monitoring and tracking disaster related expenses sufficient to document continuity insurance claims
  • Annual training and exercise to prepare the BCP team to recover effectively in a disaster situation
  • Annual plan maintenance process to routinely update  plans to reflect the changes in staffing and processes
Physical Security
To safeguard people and physical assets at EY offices physical security implementation must include at a minimum:
  • Formal written documentation of all existing controls
  • When considering new office space, a review of risk and threats present in and around the site and what controls the landlord is offering to offset these threats and risks
  • Controls to manage  access to EY Facilities
  • Controls to ensure access system permits only authorized persons into EY space
  • Controls to create an audit trail for access to and movement within EY offices
  • Controls to limit access to sensitive areas (data rooms, records centers) to those with a business need
  • Management of security data in compliance with applicable laws, regulations and privacy policy
  • Controls to manage visitors access and use of EY facility
  • Controls to allow temporary access to EY facilities for visiting EY personnel and local EY personnel who have forgotten their security credentials
  • Controls to manage vendors (e.g. cleaning staff, repair people, building maintenance) and other non EY people who need access to EY space
  • Technical or manual controls to make certain that office perimeter and sensitive access doors are operating correctly
  • Controls to safely manage inbound and outbound mail and packages
  • Controls to ensure handling of personally identifiable information is consistent with relevant EY Privacy polices
Asset Protection
Asset Protection implementation must include at a minimum:
  • Prevention, detection, and response to insider threats (as defined through the EY Insider threat program)
  • Asset protection processes and reporting protocols


Travel Security
Travel Security discipline includes, at a minimum:
  • Use of EY’s travel compliance process for travel to the extreme risk destinations. The compliance process must be initiated as soon as the potential travel is anticipated, to prevent negative impact from any unknown delays that may result
  • Coordination with Region travel services providers and use, coordination and implementation of travel security tools
Executive and Meeting Protection
Protection of EY’s Executives and meetings must include, at a minimum:
  • Identification of EY Executives warranting protections enumerated within this security discipline
  • Provision of extraordinary support in extreme/high risk destinations as warranted
  • Threat and risk assessment for meetings reflecting:
    • The status or public interest of external speakers and attendees
    • Other events taking place at the same time, either at the venue, or in the vicinity
    • Capabilities of existing in-house security arrangements
  • Procedures to protect sensitive discussions/documentation (spoken, electronic and hard copy)
  • Confirmation of appropriate conference/hotel facility emergency preparations
  • Pre-identification of local emergency services (fire, police, medical)
Security Operations
Security Operations requirements for the Region include:
  • Participation in compliance process as related to any or all security disciplines
  • Communication of awareness material across the Region
  • Reporting on completion status of the implementations referred to in any of the security disciplines
  • Support and participation in any cross-functional security initiatives, as applicable to the Region
Analytical Responsibilities:
Individual will be responsible for collaborating within the Regional Managing Partner, Regional Risk Management Leader, EY’s Global Security team and with other functions to further strengthen EY’s internal and external security. To accomplish this, it will be important for this role to analyse the business environment, geographical variations, security requirements and stakeholder expectations.
Supervision Responsibilities:
Individual must be a self-starter, capable of readily managing and switching between multiple tasks and working with minimal supervision. Given the nature of the role, flexibility in schedule is required. The role currently does not contemplate any significant direct supervision of others, however, may play a supervisory role over some internal/external contractors engaged to support Security activities.
Knowledge and Skills Requirements:
  • Highly developed interpersonal skills capable of building and sustaining effective working relationships internally and externally across countries and cultures largely by use of phone and email.
  • Desire to understand EY’s culture and to deliver a service which is both appropriate and of the highest quality.
  • Excellent analytical and problem solving skills combined with the flexibility to change priorities and respond quickly according to circumstances.
  • At ease in a dynamic environment. Remains unruffled under substantial and sustained pressure.
  • The tact and awareness to be able to communicate effectively at every level of the organisation.
  • Innovative, highly motivated, very positive and with both the ambition and drive to succeed, and the pragmatism to develop workable solutions where EY’s unique structure requires.
  • An exceptional team player.
  • Willing to take ownership of any issue big or small.
  • Fluent communicator (both orally and in writing).
Other Requirements:
This position will be located in {insert appropriate EMEIA country/region}.  Relocation costs are not covered. Some travel will be required. Remote video and communication tools will be leveraged to the extent possible/reasonable to balance travel requirements. Strong skills in written and spoken English are required.  Fluency in region relevant language(s) is preferred, but not essential.
Job Requirements:
To qualify candidates must have a minimum of a relevant Bachelor’s degree.
Currently acting as a Manager with at least 3 years’ experience in a dynamic security environment. Preferred if this has been within a large national, international or multi-national organisation.
Certification Requirements:
A recognized security/business continuity qualification (such as CPP, PSP, CBCI, CSyP, CBCP/MBCP) is preferred, but not mandatory.

Qualified candidates should submit their CV’s in