Principal Specialist, Cybersecurity Operations Ma'aden Aluminium Company (MAC)

1. KEY ACCOUNTABILITIES:

Focus Area

Get results through individual contributions

Operational / Functional

1. Cyber Security Operations Management: - Oversee and direct Cyber security activities to execute the Cyber security program at all MAADEN including Corporate and Affiliates within Saudi Arabia, India, Malawi, Zimbabwe, Mozambique, South Africa and Mauritius - Ensure that the rules of use for IT/OT systems and the administrative procedures for IT/OT systems comply with the MA ADEN s Cyber security policies. - Ensure that services provided by business and other enterprises, including outsourced providers are consistent with established Cyber security policies - Perform daily monitoring, maintenance and improvements as needed to the security solutions deployed across Ma aden on the perimeter, infrastructure, network-level, system-level and database-level - Maintain cyber threat situational awareness of internal and external threats and vulnerabilities through enhanced monitoring capabilities and oversight of systems and processes used to assess security - Monitor users, applications, networks, systems, and access to physical assets - Perform periodic review of audits logs (includes review and retention) of applications, networks, systems, and access to physical assets - Perform periodic user access review across Ma aden s registered users - Conduct physical and logical security control assessments (vulnerability assessment), security monitoring, detection, and security status reporting to enable informed decisions - Scans, analyzes, and apply countermeasures of vulnerabilities - Detects, analyzes, and eliminates viruses and malicious code 2. Incident Response Management: - Establish and manage capability to respond to and recover from disruptive and destructive Cyber systems incidnets - Design and implement processes for detecting, identifying and analyzing security related events - Develop incident handling recovery plans including organizing, training, and equipping teams - Ensure periodic testing of the response scenarios and recovery plans where appropriate 3. Business Continuity and Disaster Recovery Plan Management: - Execute, coordinate, maintain and supervise comprehensive Business Continuity and Disaster Recovery Programs, strategies, plans and procedures within the seven countries - Coordinate and manage activities related to the Business Continuity Plan (BCP) including the Disaster Recovery Plan (DRP) - Coordinate the maintenance of the BCP/DRP documentation - Primary liaison between key stakeholders of MA ADEN s BCP e.g. Senior Management, Directors and Managers, Staff, Consultants, vendors and auditors 4. Cyber Security Compliance: - Implement and comply with Cyber Security policies and procedures in the manufacturing environment - Participate and contribute in the early stages of design for manufacturing technologies and systems to ensure alignment with Cyber Security requirements and standards - Build the Cyber Security standards in terms of manufacturing and operational technologies in cooperation with Enterprise Cyber Security team and Process controls owners in Ma aden affiliates. - Participate in auditing activities to ensure security policies, requirements and best practices are effectively applied

1. Self & team consistently meets targets, due dates and quality standards (production, service, advice, etc.) 2. Achieve Quality targets by Consistently reducing all non-value-adding work 3. Cost target achievement by Consistently improving team productivity 4. All Plans and team objectives consistently executed and achieved in a safe working environment 5. Productivity target achievement 6. Achievement of Saudization Targets

Leadership

1. Performance Management & Capability Building: - Lead the MA ADEN Corporate and Affiliates IT/OT security team: plan, organize, assign, supervise and monitor the work of team members - Review overall KPIs, performance and cyber security measures for all Ma aden IT and OT networks. - Reports Cyber security related performance KPIs. - Conduct periodic performance reviews of the staff. - Building required capabilities and competencies within Cyber security staff. 2. Planning & Budgeting: - Develop the 5 years business plan a budget for Cybersecurity Operations function. - Establish and maintain plans to implement the Cyber security operations projects. - Define annual Cyber security budget and obtain management approval. - Manage the Cyber security budget in implementing the Cyber security program. - Prepare the budget for cyber security Operations requirements

1. Establish High performance in the team through Goal clarity and alignment of all team members (performance direction) 2. Drive Team performance and performance management through regular performance reviews and giving recognition where it was due; Always deal with performance issues in a proactive manner 3. Increase the Team skill level, succession and career progressions though by enabling the achievement of development objectives for one self and all team members 4. Change management and communication well communicated and effectively executed across the business 5. Quality diversity decisions on opportunity utilization (Employee Movements) 6. Creates a high performance culture and values driven environment (team motivation and wellness) by Improving engagement and enablement levels that results in high performance 7. Governance and legal compliance (audits and inspection) 8. Work alignment and collaboration across boundaries (value chain) 9. Resources availability and optimization by ensuring that Cost effective resources are available for results delivery on a daily basis 10. Diverse succession pipeline planning and retention