• You advise our clients on building and advancing their crisis resilience: from designing crisis organizations and establishing and training crisis management teams to embedding resilience into day-to-day operations • You work with clients to build crisis teams in a structured way, define roles and procedures, and ensure demonstrable operational readiness in emergency situations • You plan and facilitate crisis exercises and simulations, from tabletop exercises to full-scale drills, so teams know what to do when it matters • You actively shape our crisis simulation formats: design scenarios, develop exercise materials, and detail the content and flow of simulations • In Business Continuity Management (BCM) and IT Service Continuity Management (ITSCM) you guide clients from Business Impact Analyses (BIAs) through emergency concepts to practical runbooks and playbooks, in close collaboration with our Cloud Architect • You monitor regulatory developments, identify implications for our clients, and introduce new approaches into our consulting practice

Role Description The Law Enforcement Response (LER) Advisor role is a specialized, external vendor position focused on managing legal requests from law enforcement agencies worldwide. Shifts: 6am – 15pm Sofia Time, Mon - Friday Work location: 100% remote Function: Dedicated specialist responsible for managing Law Enforcement Requests (LER) received by Spotify from end-to-end. Core Duties: - Triage and review incoming LER requests, including legal documentation. - Assess requests against internal LER guidelines, policies, and playbooks. - Initiate and validate data retrieval packages through internal systems, ensuring critical accuracy and quality control before delivery. - Acknowledge and respond to requests from law enforcement agencies worldwide regarding the status and outcome of their submissions, adhering to tight turnaround times (SLA deadlines). Critical Warning: The role involves exposure to sensitive and harmful content, including material related to criminal investigations, violence, exploitation, and child safety. Mandatory and extensive psychological wellbeing support is provided to all team members. Qualifications - Excellent Swedish (C1) - Valid EU work permit - Similar experience is a big plus - Strong communication and problem-solving skills - Comfortable explaining complex topics in a clear, simple manner - This is not a typical customer service role; it requires precision, sound judgment, comfort with ambiguity, and the ability to work independently under time pressure to manage competing priorities. Benefits - Permanent contract with long-term job security - Fully remote training and work from anywhere in Bulgaria - Additional health and life insurance - 21 days of paid annual leave - Food vouchers and Multisport card (partially covered) - Performance bonuses - World-class training and career growth opportunities - Digital HR services and 24/7 psychological support Company Description - Fully digital onboarding and contract signing - Recognition and referral programs - Engaging employee events and wellness initiatives - Learning platforms and certification support - Exposure to global business and an inclusive, multicultural environment

Role Description This role will execute the service strategy of the Risk Control (RC) department and organization to deliver high value service to large accounts while partnering with underwriting, agents/brokers, and direct sales representatives. Actions to support this include development, implementation, and management of all aspects of the risk control support and service activities for large accounts in assigned territory to aid in account retention, loss reduction, and new business growth. - Work with policyholders and prospective accounts in collaboration with partners including sales, agents/brokers, and underwriting. - Represent RC at service capability presentations, and on-site meetings to review the delivery of RC services to accounts in assigned territory. - Create risk control service plans for assigned clients to address loss history and reduction, account retention, and other goals identified with partners. - Implement service plan activities throughout the policy year and document efforts and success. - Conduct surveys and assessments of large accounts in territory to develop meaningful service plans and activities to support service goals. - Deliver service capability presentations to brokers/direct sales staff, prospective policyholders, and customers as necessary. Qualifications - Bachelor's degree or equivalent experience is required. Bachelor's degree in a safety-related field is preferred. - Evidence of continuing education in the insurance industry is desired. - A minimum of five years' professional-level experience working in a commercial lines risk control function. - Experience in managing risk control services on large accounts is preferred. - Mastery in developing presentations and presenting to groups. - Excellent verbal and listening skills. - Excellent planning skills for service delivery and itinerary management. - Demonstrated consulting skills in the risk control area. - Proven ability to analyse data, develop, and implement solutions. - Proven time management and detailed organizational skills. Requirements - Overnight travel may be required within assigned territory. - Travel potentially via plane to customer locations. - Ability to operate a motor vehicle. - May require occasional physical activities that include standing, walking (including extended periods on level and uneven walkways and surfaces that are wet, icy, snowy, or cluttered), bending, kneeling, stooping, crouching, crawling, and climbing (including ladders and stairs). Company Description The CM Group is made up of Church Mutual Insurance Company, S.I., CM Regent Insurance Company, CM Vantage Specialty Insurance Company, and CM Select Insurance Company.

• Aufbau, Weiterentwicklung und Auditierung von ISMS nach ISO 27001, BSI IT-Grundschutz und TISAX • Durchführung von Security Audits, Revisionen und Cyber Risk Assessments • Beratung zu regulatorischen Anforderungen wie NIS2, KRITIS, DORA, DSGVO • Schutzbedarfsfeststellung & Informationsklassifizierung • Entwicklung von Sicherheits- und Notfallkonzepten (BCM) • Begleitung von IT-Sicherheitsprojekten (Cloud Security, IAM, SIEM, Schwachstellenmanagement) • Durchführung von Trainings, Workshops und Awareness-Maßnahmen