Global Information Security Policy Specialist - Ey

EY

Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 900 people who collaborate to support the business of EY by protecting EY and client information assets. Our Information Security professionals enable EY to work securely and deliver secure products and services, detect and respond quickly to security events, and help protect the EY brand and build client trust.

• Write, edit, and maintain global Information Security policies, standards, and guidelines for internal business users and Information Technology professionals.
• Brainstorm, recommend, and implement improvements to global Information Security policies, standards, and guidelines.
• Collaborate with Information Security, Information Technology, Data Protection teams and business/technical partners on Information Security policies, standards, and guidelines.
• Verify the relevancy and accuracy of Information Security policy documentation.
• Harmonize content of IS documents and materials with other EY policies and standards, ISO/IEC 27001 information security standard, and information security regulatory requirements.
• Communicate policy documents using various written and oral methods, including presentations.
• Support the writing and editing of proposals as needed.

• Understanding of information security concepts.
• Familiarity with principles of securely handling and protecting information.
• Strong analytical and research skills with a keen attention to detail.
• Strong written and verbal communication skills and ability to communicate effectively with different levels within the organization.
• Ability to work well in a collaborative, team-oriented environment.
• Adept at learning new technologies.
• Strong experience with Microsoft Office, especially Word and PowerPoint, is required.

• Two or more years of experience in Information Security or related work.
• Attained or desire to attain one or more of the following certifications: CISSP (Certified Information Systems Security Professional), CRISC (Certified in Risk and Information Systems Control), CSAP (Certified Security Awareness Practitioner), SSAP (SANS Security Awareness Professional).
• Involvement with policy programs.
• Familiarity with common information security standards such as ISO 27000, NIST, PCI DSS, ITIL, COBIT, SOC2.
• Experience working in a global virtual environment.
• Excellent interpersonal, communication and presentation skills.
• Good time management, organizational, and decision‑making skills.
• Ability to understand and integrate cultural differences and motives, and to work with cross‑cultural teams.

We’re looking for someone who can collaborate globally with different regions and cultures, problem‑solve, think creatively, and has an open mind to new insights. Focus on customer service and building positive relationships with colleagues across teams and globally. A highly motivated, diligent, and driven individual who seeks development and improvement opportunities and delivers quality services.

• Continuous learning: develop the mindset and skills to navigate whatever comes next.
• Success defined by you: tools and flexibility to make a significant impact, your way.
• Transformative leadership.
• Flexible working and a globally diverse team to grow, develop, and drive your career forward.
• EY benefits package focused on physical, emotional, financial, and social well‑being (detailed by country).