Manager, Security Governance

3. JOB PURPOSE:

Oversee an effective and support focused function to ADNOC in relation to Governance and Risk and be the key point of contact for Group Companies in security related governance and risk matters. Manage the internal monitoring, document control and review of the Protective Security Management System (PSMS) in accordance with ISO28000 and ensure alignment with ADNOC’s Integrated Management System requirements.

Lead and manage the department, overseeing the development and implementation of governance processes to control and direct ADNOC's approach to protective security. Ensure the identification, assessment, and prioritization of security risks align with business objectives.  Manage the internal monitoring, document control and review of the PSMS, in line with the applicable IMS requirements.

Oversee, review, and maintain an appropriate emergency readiness capability with which to respond to security events. Ensure all security related investigations are completed in line with ADNOC standards and any corrective actions arising from such investigations are implemented in a timely and appropriate manner. Review opportunities for shared technical resources, cost and/or services across partner groups to ensure that ADNOC benefits from improved access to service teams and technical resources.

Develop and execute a strategic plan for the department's technical security systems, in alignment with the organization’s security objectives and goals.

4. KEY ACCOUNTABILITIES

Job Specific Accountabilities:

• Develop and maintain governance policies and standards that underpin physical security within the company.
• Define key processes required for compliance with physical security policies and standards, working with partners to standardize processes across the organization.
• Lead the Protective Security Management System framework for personnel and infrastructure protection, ensuring clear and standardized roles and accountabilities across the organization.
• Set metrics for process policy and standards compliance, aligning them with benefits realized and key business outcomes.
• Establish reporting and monitoring of metrics to measure the maturity of the Protective Security Management System.
• Conduct threat analysis and assess security requirements to detect, respond to, and recover from physical security incidents and associated disasters that could disrupt business operations.
• Develop consensus on appropriate measures and risk tolerances for detection, response, and recovery from major/minor security incidents.
• Develop, implement, and maintain Level 1, 2, and 3 QMS documents for the Group Corporate Security Function.
• Build productive relationships with Group Companies, ensuring information exchange and mutual assistance, and contribute to effective learning and development opportunities related to governance.
• Maintain the Security Function’s risk register in conjunction with ERM policies.
• Coordinate with legal advisers to ADNOC to ensure ongoing fulfilment of applicable regulatory obligations.
• Provide governance advice and support to stakeholders and interested parties to ensure statutory compliance.
• Coordinate the development of security roles in coordination with Crisis Management, including assessing risks, aligning responses, anticipating changing incidents, and making timely decisions.
• Coordinate independent third-party testing of the PSMS program periodically.
• Support the process for reporting and updating information related to site security incidents, failures, and near misses.
• Analyse complex information to establish action plans for risk reduction.
• Support the collection, analysis, and presentation of risk management data to measure the effects of change and monitor continuous improvement.
• Participate in proactive risk reduction activities using tools such as Failure Mode Effect Analysis and Threat Vulnerability Analysis.
• Monitor developments in governance practices within the energy sector and local government.
• Oversee delivery of technical activities relating to protective security solutions for new-builds, upgrades, and retrofit of modifications.
• Proactively identify and take measures to mitigate technical risks, in coordination with the relevant teams managing projects.

Generic Accountabilities:

• Identify and diagnose issues and problems.
• Categorize and record reported queries and provide solutions.
• Support problem identification.
• Advise users on appropriate courses of action.
• Monitor issues from start to resolution.
• Escalate unresolved problems if needed.
• Provide essential online security advice and support.

Supervision

• Oversee assigned direct-hire and subcontractor-provided operational security services.
• Advise on modifications to operational security practices based on changes in federal laws and local regulations.
• Address non-routine queries and instances of non-compliance, supervise event investigations, and make recommendations as applicable.
• Administer tasks of a routine and repetitive nature.
• Exercise authority by administering well-defined rules and protocols. 

Budgets

• Coordinate inputs for the preparation of the department's budget.
• Assist in the implementation of the approved budget and work plans to achieve business objectives.

Policies, Systems, Processes & Procedures

• Implement approved department policies, processes, systems, standards, and procedures in line with management system standards (ISO 28000 and API 780).
• Review Security Risk Assessments, Security Plans, SOPs, and Post Orders applicable to the assigned areas of responsibility.