To lead, plan and direct cyber, data and physical security operations for TAQA in order to ensure establishment and sustenance of safe and secure operations in line with local and international regulations, guidelines and global best practices to assure the safety of all assets within TAQA.
STRATEGY DEVELOPMENT AND IMPLEMENTATION
• Develop and direct the implementation of the functional strategy ensuring alignment to group strategy, TAQA s vision, mission, and corporate objectives.
• Ensure that functional strategy and related strategic plans are developed and implemented, which are aligned with the vision and mission of the organization.
• Ensure the provision of subject matter expertise for the assigned domain and provide counsel to TAQA s leadership on all related areas to facilitate the achievement of TAQA s strategy and functional strategies.
• Develop and lead the implementation of Security functional policies, systems, processes, procedures, and controls covering all areas of assigned functional so that all relevant procedural/legislative requirements are fulfilled while delivering a quality, cost-effective service in a consistent manner.
• Lead and direct the development, implementation and maintenance of an integrated security / protection program for TAQA facilities ensuring compliance with corporate security policy and procedures, and identifying, investigating and managing security incidents / potential security hazards in order to ensure the most secure business environment and to protect staff, assets and liabilities.
• Secure the collection of information relating to security and its effective and timely exchange to support optimum protection of TAQA resources.
• Lead and direct the development of a methodology for conducting security threat assessments to guarantee the provision of plans and procedures to enable response to changing security levels.
• Ensure the availability of sufficient security measures to encounter expected risks.
• Lead and direct the development of contingency plans to mitigate the risk of disaster, and to retain the appropriate ability to respond to a crisis should it occur.
• Lead the TAQA security network to help coordinate the security function throughout the company
• Review and update strategy plans and procedures to keep pace with industrial development and changing risk profiles.
• Oversee the design and installation of integrated electronic security systems, such as Access Control, CCTV surveillance, intruder alarms, smoke detectors and outdoor perimeter and microwave alarms.
• Lead and direct the effective management of security related communication flow and coordination across TAQA and government authorities.
• Establish an investigating and reporting structure to facilitate the effective recording and analysis of incidents involving injuries, property damage, fraud, robbery, arson and near misses due to accident or crime.
• Lead and direct the conducting of site reviews, writing audit/review reports, reviewing findings, and making recommendations line management and /or their security coordinators.
• Ensure effective monitoring of local, national, and international security trends / threats and advise senior management proactively for any aspects to ensure preparedness by TAQA.
• Represent the security function on any due-diligence activities relating to new projects, mergers or acquisitions.
CYBER SECURITY GOVERNANCE
• Lead and direct the development of the cyber security governance framework, policies, procedures, guidelines and plans and ensure that all procedures are implemented by the IT Security function and that all cyber security activities are in line with TAQA strategy and planning documents.
BUSINESS CONTINUITY AND RESILIENCE
• Lead and direct the establishment of the cyber resilience framework, including plans, resources and attack simulations in the aim of protecting the group from cyber risks, defending against and limiting the severity of attacks, and ensuring that business operations continue to function.
• Lead and direct the development of disaster recovery arrangements including escalation procedures, crisis management and recovery management plans to ensure the Group is fully prepared in the event of a crisis.
CYBER SECURITY RISK AND COMPLIANCE
• Lead and direct the maintenance of TAQA s Cyber Security Risk Register, conduct risk assessment, and identify controls to effectively manage cyber security risks, including the definition of risk handling, strategies (mitigation, avoidance, or acceptance).
• Direct and drive TAQA s compliance framework including key procedures and stakeholders to ensure the protection of the integrity, confidentiality, and accessibility of information stored, processed, or transferred.
• Lead the implementation of the Cyber Security Compliance dashboard and ensure regular compliance reporting.
• Act as the Cyber Security audit focal point and coordinate with the of external and internal Cyber Security auditors.
• Lead development of travel security policy and procedures, including travel management measures appropriate to security threat levels in country of travel
• Oversee tracking system to ensure awareness of location of TAQA people to ensure effective evacuation in event of materialization of risks.
• Implementation and operation of an Executive Protection programme to ensure appropriate controls are in place for TAQA Executive Team (N and N-1) members travel.
QUALIFICATIONS & EXPERIENCE:
• Bachelor s degree in Computer Science, Business Administration, Information Management or any other related field.
• 15+ years of relevant experience in Security Management, Business Continuity Management, Internal Audit, Risk Management, or any related discipline.