Regional Security Manager for EA Eastern Europ

Company Description

Europ Assistance watches out for more than 300 million people around the world since 1963. More than 8,000 employees within 70 local companies are available 24/7 to respond to assistance requests from our clients. They are supported by a network of 425,000 partners to provide an instant answer adapted to each situation and to the client’s need. The development of "Care Services" by the Europ Assistance Group - the union of "health, innovation and proximity" - embodies the meaning behind our business lines. This involves a strong sense of being there, acting effectively when needed for our customers in everyday life, and exceptional circumstances as well.

https://www.europ-assistance.com

Job purpose

The “Regional Security Manager for Eastern Europ manages the cybersecurity posture of Europ Assistance European based entities in tight coordination with Europ Assistance Group Security function and in cooperation with the local IT functions presents in the countries. This scope represents around 750 employees and 4 operational entities and IT departments and teams. He defines and cascade the Group security policy (prevention, protection, detection, resilience, remediation) in his scope and ensures its application in all countries. He has an advisory, assistance, information, training and alerting role, in particular with the business directors and/or the management of Europ Assistance. He ensures proper alignment with Europ Assistance Group CSO/CISO. He ensures the implementation of operational processes and solutions to guarantee data protection and information systems’ security level but is also the main regional coordinator for BCM related topics, and physical security, which remains the responsibility of local teams.

This hybrid role is based in Maribor, with flexibility to work remotely.

Primary duties and responsibilities

The Regional Security Manager oversees and leads the division that ensures Europ Assistance is in position to anticipate cyber threats and incidents and establish the right level of protection for customers, people and operations. He ensures the brand is trusted as #safe #secure #resilient.

Thus, the Regional Security Manager is responsible for

• Defining and implementing a Security Strategic Plan at Europ Assistance entities in scope level in line with the Security Strategic Plan of the Group
• Determining methods to implement, enforce and advise the Europ Assistance entities in scope on Security related issues
• Mitigating Europ Assistance risk exposure at entities in scope level ensuring that appropriate risk treatment plans are defined to comply with defined risk appetite
• Leading Europ Assistance Security transformation journey to put in place at entities in scope level, an organization based on key disciplines: Information Security, Physical Security, Operational Resilience, Business Continuity.
• Establishing the holistic management of security
• Ensuring right and well informed security decisions are taken, escalating when required to the executive management and risk
• Ensuring the provisioning of adequate resources (financial, human, technological, etc.) to implement the Europ Assistance Security Strategic Plan
• Securing and monitoring the necessary budget and investments to deliver his mission
• Coordinate and execute locally the Group security initiatives making sure main actions and activities are conducted by relevant function, while ensuring proper reporting to holding security team.
• In cooperation with Group Security, plan coordinate and execute the local penetration test campaigns for critical applications.

Main interactions

The Regional Security Manager for Eastern Europ reports hierarchically to the Eastern Europ COO function with an hard reporting line to EA Group CSO.

He will interact with:

• Europ Assistance’s other Regional Security Managers, local Chief Information Security Officers, Chief Operation Officers and Chief Executive Officers
• Group and Local Data Protection Officer
• Group and Local Risk Officer
• Group and Local Chief Transformation Officer
• Group and Local Chief Operations Officer
• Europ Assistance Regional Chief Executive Officer

Qualifications

Team Management & Leadership

• Ability to engage with Business Leaders of its perimeter as well as with CSO/COO/CISO hierarchy at Europ Assistance
• Organized, self-sufficient with ability to manage teams globally and drive change

Ability to prioritize and execute tasks in a high-pressure environment

• Excellent written, oral, and interpersonal communication skills (English)
• Demonstrated experience understanding security risks, identifying gaps, and creating risk-mitigating and remediation plans, drawing up IT Security roadmap
• Demonstrated experience understanding of technical aspects of information and IT technology and core security components more such as network, firewall, proxy, VPN, anti-malware, email protection and filtering, system security controls, vulnerability assessment, penetration testing…
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc
• Good grasp of PCI-DSS, ISO 27001, NIST and other security norms, standards & frameworks

One or more of the following certifications is a plus:

• CISM or CISSP
• Microsoft Certified Systems Engineer: Security
• GIAC Security Essentials
• Certification Risk ISO 27005, IRAM 2 or eBios Risk Manager (ANSSI)

Analysis and synthesis skills

Availability to occasionally travel in EA countries where Europ Assistance is present; mainly countries of responsibility and Paris, where Holding company is located.

Personal attributes

• One who is passionate about driving and sustaining change in an organization through committed leadership
• Must have integrity and be dedicated to the principles of developing a strong collaborative organization with well-developed coaching skills
• A creative results-oriented leader who is particularly good at balancing multiple priorities and issues
• Must be a team player up and down the organizational structure, across countries and IT/ Security departments
• Have confidence, self-motivation, and broad business understanding to thrive in a senior autonomous role
• Ability to form open, effective, and trusting relationships with country CxO members
• Good skills in Microsoft Office Suite, especially Excel, Powerpoint