Security Policy and Risk Specialist

Job Purpose

Supporting the development of WTTCO’s security policies, standards, guidelines, and programs; following-up on security policies and programs implementation, setting the risk and impact assessment framework, and improving emergency response plans based on conducted simulations or actual outcome.

Key Roles and Responsibilities

• Ensure work is performed based on approved policies, processes, procedures and instructions.
• Identify opportunities for continuous improvement of the systems, practices, cost ‎optimization, and productivity & efficiency improvement.
• Ensures compliance with all applicable laws, rules, regulations, and standards within WTCO and related functions such as but not limited to (HC, HSSE, Risk and Cybersecurity, etc..).
• Escalate problems to ensure case/issue is closed efficiently and in a timely manner.
• Advise on WTTCO’s HSE policies, standards, guidelines and programs based on conducted studies, analysis, and internal needs.
• Provide recommendations for the development of policies communication program in coordination with HR and Corporate Communication as needed, issue related tolls, and ensure needed logistics are accordingly prepared.
• Recommend action plans and agenda, identify needed resources to enable program/ initiative execution, and ensure proper sequencing and timeline setting for action plans.
• Compose and update reporting tools for monitoring purposes and ensure compliance with quality standards.

Key Roles and Responsibilities 2

• Conduct periodic meetings, workshops, and training sessions to enable implementation of developed security programs.
• Provide guidance for the development/ update of risk impact and assessment frameworks and tools based on research and benchmarks to properly assess potential risks in terms of intensity, frequency, extent, time frame, and manageability.
• Set qualitative and quantitative risk analysis process methods and techniques including but not limited to sensitivity analysis, expected monetary analysis (EMV), cost benefit analysis, etc. to obtain consistent risk scoring.
• Provide recommendations to support the development of risk indicators to monitor real time risk evolution, and create a set of empirical factors when needed to score unusual identified risks.
• Consolidate risk and impact assessment framework with Security Policies and Surveillance Manager for enablement and implementation.
• Support in identifying risk dependencies, interdependencies, and the timeframe of the potential impact.
• Provide technical guidance to score risks and validate with concerned stakeholders and prioritize risks based on final score.

Key Roles and Responsibilities 3

• Provide recommendations for the design of various types of identity access cards in coordination with IT Unit (FTE cards, interns, special visits, etc.)
• Provide guidance for the design if security systems and appropriate infrastructure requirements, define needed tools and equipment, and follow up on proper implementation to ensure consistency in security measures within WTTCO’s premises.
• Prioritize received queries related to policies implementation and ensure timely reply.
• Follow up with internal stakeholders on program implementation, and advise on internal governance bottlenecks to facilitate program enablement.
• Advise on the development of emergency response plans and recovery strategies to ensure site preparedness to potential disaster.
• Review emergency simulation reports to track gaps in emergency response plan and accordingly advise on corrective actions.
• Refine needed budget and resources through proper comparison with previous yearly budgeted/ actual costs.
• Support the development of training programs to raise awareness across WTTCO’s plants about possible risks and the importance of security procedures in daily operations.
• Provide input for the development of reports regarding operations, activities and achievements for reporting and decision-making.

Education Requirements

Key Communications

Internal Stakeholders

• Operations & Maintenance
• Warehouse
• R&D
• All Departments 

External Stakeholders

• International Bodies
• HCIS
• National Water Company
• External Entities
• Vendors/ Contractors
• External Laboratories

Disclaimer

The above job description is meant to describe the general nature and level of work being performed; it is not intended to be constructed as an exhaustive list of all responsibilities, duties, and skills required for the position. Accordingly, there is no way this Job Description states or implies that these are the only duties to be performed by the employee in this position. Employees will be required to follow any other job-related instructions and to perform other job-related duties.