**MISSIONS OF THE CHIEF SECURITY OFFICER**
Goal:
The Country Security - in full coordination with the Regional HUB Chief security officer - leads, coordinates, plans, implements and organizes security-related activities for all Global Business Units and other Engie entities operating in his/her country (or area) of responsibility. In his/her country (or area of responsibility), he/she is the pivotal element for all security-related matters, whether they concern the Group or third parties that collaborate with it. He/she cooperates with all interested parties and actively participates, within the framework of his/her functions, in protecting our employees, our infrastructures and our information against malicious acts by ensuring the definition and implementation of prevention/protection measures that mitigate the security risk to an acceptable level.
Organization
The CS is appointed by the country managing director. Under the supervision of his/her manager (who can be a “local” member of the board of director of a GBU (or of the Engie entity) that has the most "security" issues to deal with in the country concerned), the CS acts under the supervision of the Regional HUB Chief security officer ("functional" authority) to whom he/she reports directly for all security issues and also for logístical/financial aspects when support from the Regional HUB CSO is required. He/she must develop with the Regional HUB CSO a fair annual or multi-year budget to implement his/her activity plan. He/she prepares with his/her manager during the year N his/her objectives for the year N+1 which he/she submits for approval to the Regional HUB CSO who can add or delete some of them or to modify their priority.
Job description:
- advise the country managing director and managers of GBUs (or other Engie entities) operating in the country on security issues,
- ensure that the Group's security policy is deployed in his/her country and that his/her security action plan is aligned with this policy and with the related Group Guidelines,
- maintain and develop liaison with all Engie local entity personnel and, if necessary, with local administrations and appropriate government/military agencies
- maintain and develop dialogue with the security managers by participating in the bimonthly "security gathering”, by regularly transmitting to the Regional HUB CSO the information needed to fill in the security incident reporting tool (or by feeding the tool himself/herself) and by reporting any notable event,
- proactively identify, monitor, and respond to potential and actual threats to ENGIE employees, assets and facilities in his/her country (or area of responsibility) and provide alerts on immediate threats and emerging trends to managers and, if necessary, to his/her Regional HUB CSO for informed decision(1)making,
- monitor local regulations, technologies, and threats, contribute to the DSIE "threat watch" and facilitate exchanges between the DSIE (and more specifically its business intelligence unit) and the entities/managers for whom the "competitive intelligence" information is relevant,
- ensure that appropriate physical protection measures are implemented85 (badges, cameras, alarms, electronic/physical locks, etc.) ensure a secure environment for employees, and in particular, for local employees and expatriates, and provide travel advice to business travelers on assignment (including local security alerts),
- participate in the protection of sensitive and/or strategic information by raising staff awareness, by mapping this data in liaise with all internal or external entities concerned (and in particular DPOs/CDPMs, CISOs, Risk officers, Internal control officers, and local authorities for documents classified as "National Security"), by contributing to the implementation of the Group's information classification, and by conducting or participating in investigations when a leak of sensitive information is identified,
- preparing to manage a security crisis (or participating in a crisis unit which includes a "security" issue),
- participate in the annual internal control exercise (self-assessment), in coordination with the Regional HUB CSO, identify gaps and develop risk mitigation plans,
- lead and manage the "security" aspects of major Group events in his/her country, in liaise with his/her Regional HUB CSO when necessary,
- developing, if necessary and in conjunction with his/her Regional HUB CSO, country-specific security policies, procedures and plans to maintain appropriate security, in compliance with Group security rules and local regulations,
- regularly perform, with the support of his/her Regional HUB CSO, third party “audits” (security providers) and/or due diligence (subcontractors, private security companies...) and share the result with his/her Regional HUB CSO and the DSIE when necessary,
- collaborate with business developers to identify risks related to their projects and operations (current or future)