Client Security Specialist Assistant Director

About the role

Position: Client Assurance Senior Specialist – Information Security. Location: Milan, Italy.

EY Information Security protects the EY and client information assets. The Client Security Assurance team supports EY client requests regarding information security and data protection. The Senior Specialist will assist EY engagement teams in addressing client requests concerning the security of EY’s traditional and cloud-based technology solutions, while performing security consulting and liaison activities, including interacting with regulators on governance and cybersecurity matters.

Key Responsibilities

• Contribute to the development, implementation and maintenance of the Client Security Assurance function for your area.
• Support inquiries and onsite assessment requests from local regulators regarding the EY governance process, technologies and information security controls.
• Support EY engagement teams with client‑led security assessments, inquiries, and onsite reviews regarding EY’s Global Information Security Program.
• Identify opportunities and execute plans to improve the security assurance workflow in both the global and local context while quantifying the business impact of those improvements for communication to management.
• Engage with technology and business teams within your area to educate them on EY’s Information Security program, guiding them to the right teams and services to support their needs.
• Advise, raise awareness and assist project managers and operational staff on the security requirements (technology, process, data management, etc.) to be integrated into each of our projects.
• Work independently with minimal oversight from management.
• Minimal travel is anticipated for this position.

Skills and Attributes for Success

• Understanding of security‑related regulatory and data privacy concerns globally.
• Familiarity with the data protection requirements of EU GDPR and Italian regulatory bodies such as Garante per la Protezione dei Dati Personali (IDPA).
• Flexibility to adjust to multiple demands, shifting priorities, ambiguity and rapid change.
• Outstanding management, interpersonal, communication, organizational and decision‑making skills.

Required Qualifications

• Ten or more years of experience in Information Security or Information Technology disciplines.
• Significant experience working with common information security standards such as ISO 27001/27002 or NIST; other related standards such as ITIL or COBIT are a plus.
• Experience with cloud security concepts and enterprise federation services.
• Fluency in reading, writing and speaking Italian and English.

Preferred Qualifications

• An advanced degree in Computer Science, Information Systems, Engineering or a related major.
• Professional certifications such as CISSP, GIAC, CISM or CISA.
• Experience translating information security concepts into business and technical language.

What We Look For

• An individual who communicates clearly and with self‑confidence.
• Ability to understand and integrate cultural differences and work effectively in cross‑cultural teams.
• Demonstrated integrity and judgment within a professional environment.
• Flexibility to adjust to multiple demands, shifting priorities, ambiguity and rapid change.
• Outstanding management, interpersonal, communication, organizational and decision‑making skills.
• The demonstrated characteristics of a forward‑thinker and self‑motivator who thrives on new challenges and adapts to learning new knowledge.

What we offer you

We’ll develop you with future‑focused skills and equip you with world‑class experiences. We’ll empower you in a flexible environment and fuel your extraordinary talents in a diverse and inclusive culture of globally connected teams.

To help create an equitable and inclusive experience during the recruitment process, please inform us as soon as possible about any disability‑related adjustments or accommodations you may need.