Manager: Risk & Security Governance needed at Anglo American

Job Description:
This role reports into Security Services Department

• To ensure the effective management of risks through the application of a standardized risk management process and that the information derived from the risk management process is adequately reported and used as a basis for decision making and accountability at all relevant organisational levels.  To ensure compliance with the relevant risk management practices defined in the corporate governance guidelines. Establishing and maintaining a security governance, -audit and -assurance framework for DE BEERS UPSTREAM TECHNOLOGY, ensuring and coordinating the development and publication of security procedures, policies, best practice guidelines and an audit framework to enable accurate measuring and tracking of UPSTREAM TECHNOLOGY Security performance. This role is the focal point to lead the continuous improvement of the state of security effectiveness at UPSTREAM TECHNOLOGY 

Your role will include:

Safety & Health

• Undertaking risk assessments to identify hazards and mitigating measures to manage and reduce identified safety risks

Environment

• Fostering awareness, communicating and building a culture of shared accountability for the environment.

Security

• Protection of our people, product, assets and reputation.
• Ensure security incidents has no significant impact to In Port projects, People, Assets, Product, Information and Reputation.

Financial Effectiveness  

• Assist in compiling the Security budget by providing information based on risk, operational security and organizational requirements.
• Participate in cost saving initiatives and adhere to financial procedures.
• Manage and control the allocation of funds

Management    

• Manage and co-ordinate the performance and activities of the Senior Security Officer Corporate Office responsible for DBM Gardens Security effectiveness

Strategic Effectiveness  

• Interpret and develop audit and risk plans in accordance with UPSTREAM TECHNOLOGY Objectives, Security plan, Group Security Strategy, and the International Ship and Port Facility Security Code (ISPS), while coordinating and implementing security operational plans to quantify and mitigate risks, ensuring an effective asset protection philosophy.

Effective Security Governance    

• Sustain security effectiveness through the development and implementation of the Security Maturity Model, Audit and Risk Plans, while supporting UPSTREAM TECHNOLOGY by executing joint effectiveness reviews and auditing UPSTREAM TECHNOLOGY mining/sample vessels.

Security Risk Management         

• Integrate Security Risk Management into the full UPSTREAM TECHNOLOGY business Value Chain and create the appropriate awareness and understanding of the risks accepted by the company.

Investigations   

• Ensure that information from the risk management process is reported and used for security investigations and determine findings and implement recommendations during and after these investigations to effectively manage risks.

Contract Management

• Managing security contracts end to end to maximize operational financial performance and ensure that the supplier complies with and meets the goals of the contract.

Qualifications:

• Degree in Security Risk Management, Security Management, Criminology or NFQ7 equivalent

Experience:

• Minimum 6 years’ experience working in a risk / maritime / mining / construction / security environment / Engineering environment
• Risk Management Certifications, e.g. but not limited to ISO 3100, SACA Certified in Risk and Information Systems Control® (CRISC®),  

       Or

• PMI Risk Management Professional® (PMI-RMP®), ISC2 Certified in Governance, Risk and Compliance® (CGRC®), BCS Practitioner Certificate in Information Risk Management (PCIRM), ISO 31000 Foundation — Risk Management.

       Or

• Risk Management – Anglo and De Beers Way
• Excellent Knowledge of the Kimberley Certification Scheme, Diamond Act 13 of 1999 (Namibia), Diamond Act, 56 of 1986 (RSA), Criminal Procedure Act 51 of 1977, Company policies and procedures, Group Security Standards, Risk Management, process and data analytical systems and control environment.
• A comprehensive understanding of the security function gained through formal education and complemented with practical experience would be an advantage
• Active exposure to an industrial security technical environment, project and/or systems engineering process.
• Involvement with an investigation or post incident review following a major incident and been held accountable for implementation of recommendations
• Proven background on contract management and project management would be an advantage