Location - This role can be based in London, Birmingham or Leeds
At EY, the Risk Management ("RM") group is responsible for ensuring that the UK and Irish ("UK&I") firms comply with the rules and regulations imposed either by external regulators or by EY Global in relation to the conduct of its business.
Security is managed by the UK EY Business Resilience Team (BRT) which is a part of our Risk Management function. The BRT is responsible for health and safety, physical security, business continuity management, travel risk management and crisis management to the Firm. The BRT also provides specialist security advice and support to government and MOD contracts.
NextWave is our global strategy and ambition to deliver long-term value to clients, people and society. It's inspired by the way innovations spread through society, where the rate of growth follows an S-curve. New technologies, ways of working and disruptive change are creating exciting opportunities: to work differently, to work better, and to find ways of creating value for us and the people we serve.
The COVID-19 pandemic has also been a catalyst for change in our Real Estate and the Future of Work strategy. These changes will be innovative, exciting and maintain EY's status as a great place to work.Qualifications: Responsibilities
The BRT Project Security Manager is a new post that will be responsible for conducting assessments, integrating security measures and developing Business Continuity Plans (BCPs) for EY's latest acquisitions. It will be required to ensure that these fields successfully uphold the ISO27001 standard in advance of audit by EY's accrediting body.
Strong Assessment, audit and project management skills will be a requirement of the role along with the following detailed capabilities: Business Continuity:
- Enabling EY business by delivering effective risk management and improved business resilience across EY UK&Is latest acquisitions
- Developing and integrating new Business Continuity Plans as part of EY UK's Business Continuity Management System
- Identifying and integrating risks and critical processes into EY UK's Risk Register & Business Impact Analysis.
- Working with the Senior Manager BRT to implement a UKI BCP coaching and training programme in accordance with ISO 22301
- Programme managing multiple projects simultaneously to meet targets
- Maintaining a central repository of BCP incident reports and BCP training records
- Assessing the firm risks, security policies and procedures (barrier strength - effectiveness to control risks to ALARP)
- Conducting a physical security survey and threat, vulnerability & risk assessment of the client's premises.
- Detailing the security strengths and weaknesses and make further recommendations for further risk mitigation and cost-efficiency
- Documenting the operational requirement, considering the identified risks and in line with EY minimum baseline security standards.
- Assessing electronic security systems, including: Access Control, Intruder alarm and CCTV compliance aligned with GDPR, including a data protection impact assessment to demonstrate compliance with general data protection obligations.
- Defining the technical specification of security systems.
- Project managing any required remediation
Knowledge and Experience Essential: Experienced and qualified in:
- Performing an assessment of the organisations' Information Security Management System (ISMS) against the criteria of ISO:27001. Identify opportunities for improvements/non-compliance and project manage implementation of mitigation.
- Project management
- Security and Risk management
- Risk Assessment
- Business Continuity
- Policy writing
- Change Management
- Lead Auditor ISO: 27001 Information
- Security Management Systems
- IT and technically literate
- Relevant professional qualifications and experience. ASIS CPP/PSP and CBCI is an advantage
- Experience in delivering innovative solutions in security operations and understand the key technology developments in these areas.
- Experience of working within a commercial enterprise.
What we offer
- Intelligent, inquisitive, innovative, sensitive, discrete, well organized and articulate with plenty of common sense and a pragmatic, positive outlook.
- The ability to get things done, but sensitively in a complex environment.
- The tact and awareness to be able to communicate effectively (orally and in writing).
- An exceptional team player with highly developed interpersonal skills, who can build and sustain effective working relationships internally and externally. .
We offer a competitive remuneration package where you'll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:
- Continuous learning : You'll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you : We'll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership : We'll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture : You'll be embraced for who you are and empowered to use your voice to help others find theirs.
Prior to finalising your application, you will be asked to provide personal information across several dimensions of diversity and inclusiveness. The information you provide is kept entirely confidential and will not be used to evaluate your candidacy. We collect this data to help us analyse our recruitment process holistically and implement actions that promote diversity and inclusiveness. While optional, we encourage you to provide this information to hold us accountable towards our goal of building a better working world. Read more about our commitment to diversity & inclusiveness here. We ask because it matters! If you can demonstrate that you meet the criteria above, please contact us as soon as possible. The exceptional EY experience. It's yours to build. "#LI-P"