SCOPE OF ROLE:
As a Security Manager: To implement a country specific Security Management plan for Nepal to ensure compliance with Group Security, Fire Safety and non-IT information security policies & procedures. To also ensure that local regulations on safety and security are adhered to.
As a BCM: To implement a country specific Business Continuity Management plan to ensure compliance with Local & Group Policy & procedures in Country to required standards by providing expertise and support to businesses on the development, maintenance and testing of the Business Continuity Management framework.
As a Security Manager
- Develop and maintain robust processes, ensuring transparency, audit ability and cost efficiency.
- Security reviews
- Compliance to security policy & procedures
- Security awareness program to the concerned team including on various external risks/threats and personal security
- Security review reports including bi-monthly security report to Region/Group Security
- Adherence to Country MPBP (Manual of Personal and Business Protection) and Security Operating Instruction.
- Conduct Vendor performance evaluation & obtaining user feedback.
- Extend support to Business Units in Handling Emergencies.
- Design and implement a security system in line with Local and SCB requirement.
- Ensure that Security Training and awareness programmes for staff are conducted at all locations at appropriate intervals.
- Ensure that Guarding agencies carry out training of Security Personnel regularly.
- Support Country Business Continuity on Security aspects as and when required.
- Adjust/ review policies on premises Security in line with the `lessons learned’ by taking into account occurrence of incidents.
- Improve Premises Security as per Group Standards and to mitigate the risks of external threat and terrorism.
- Ensure that gaps identified during the security reviews are corrected within agreed timeframe.
- Ensure that the security layouts of all new premises are vetted by Group Security and are in conformity with the Group standards.
- Support staff if called for/summoned by the local government authorities.
- Extend full support to the local Senior Management on their request.
- Ensure all possible support is extended if staff are threatened or have been subject to abusive calls.
- Provide advice and guidance to different regions/Branches by remaining within the area of responsibility.
- Ensure that residual risks within Security Management (Risk Control Areas for CRES) throughout Nepal remain within acceptable risk levels¹ by identifying material risks, maintaining an effective control environment and understanding and accepting or rejecting levels of residual risk in line with Operational risk procedures. (Acceptable risk levels may be determined by reference to: Risk registers, OR Profiles, RMF & other applicable policies and procedures)
- Report all Incidents promptly and keep senior leadership and Group security informed on all potential security risks at all times.
- Track the Group visitors and be prepared to respond during any crisis with appropriate communication/response plan.
- Ensure that there are no adverse audit/assurance remarks on security management.
- As a Responsible Person (RP) for Security, ensure that the risk is diligently reported and tracked as per ORMA model of CRES
- Track and ensure timely submission of all in country/Regional and Group reporting requirements.
As a Business Continuity Manager:
- Establish and maintain a community of Department Continuity Coordinators (DCC's) across the country for the development, maintenance, and testing of Business Continuity plans for all departments & branches.
- Establish and maintain a Business Continuity strategy in line with Group standards, to ensure recovery capability is in place to meet the needs of business across country locations.
- Ensure DCC's are appropriately trained in their Business Continuity duties, and provide support and guidance as required.
- Manage compliance and reporting as per BCM key controls.
- Notify Regional / Group BCM of all BCP related audit activity in country.
- Monitor local regulatory body for BCM requirements and report on compliance / gaps to functional management
- Together with technology teams, ensure IT DR capability meet business recovery requirements
- Maintain a BCM activity schedule that includes exercising country IT DR plans
- Delivery of an effective Crisis Management framework
- Be responsible for maintaining BCP sites (including host/refugee, common area locations), to ensure that they are available and functional for use in the event of an emergency situation
- Provide timely MIS to functional management on activities, tests, and incidents across the country
- Carry out at least one simulation exercise involving different business and Country Crisis Management Team (CMT) every six months to test preparedness of Crisis Management Plan
Qualifications, Skills & Work Experience:
- Should be a Nepalese Citizen
- Preferably a Master’s Degree; Bachelor Degree is a must (any discipline). Preference given to candidates having served a minimum of 7 years in government security agencies and/or having work experience in commercial banks, multinational companies
- In depth knowledge of security management, preferably of the banking sector
- Good knowledge of Crisis Management and Business Continuity plan
- Well versed on socio-political environment of the country
- Ability to effectively work under pressure
- Good technical skills relating to electronics, communications, mechanics and other security devices
- Ability to maintain effective working relationship with vendors/service providers/security agencies/government authorities
- Strong communication, writing, analytical and presentation skills
- Strong computer skills (words, excel and PowerPoint).
- Strong negotiation skills in deriving “cost-benefits”
- To develop and implement policies that will enhance security benefits to the Bank
- Candidates displaying high level of honesty, commitment and integrity
- Good implementation skills of projects