Description:
The Security Manager is responsible for developing, implementing, and overseeing security strategies across all construction projects—both sensitive and non‑sensitive—to protect people, assets, information, and operations. The role ensures that physical, personnel, and information security controls are applied consistently, proportionately, and in compliance with legal, regulatory, and client‑specific requirements.
Key Deliverables And Accountabilities
Physical Security
- Develop and implement project‑specific physical security plans for controlled, restricted, and standard construction sites.
- Conduct site security risk assessments and recommend proportionate mitigation measures.
- Oversee management and performance of physical security systems (CCTV, access control, alarms, perimeter protection, lighting).
- Crime reduction strategies
- Lead incident response for security breaches, theft, vandalism, or unauthorised access.
- Coordinate with site managers to ensure security controls align with construction phasing and operational needs.
Personal Security
- Support project personnel vetting compliance and provide main point of contact for client security team.
- Maintain access management processes to project sites.
- Deliver security inductions, toolbox talks, and awareness training for all workers.
- Ensure compliance with insider‑threat controls, contractor management procedures, and behavioural security expectations.
- Investigate personnel‑related security incidents and escalate where required.
- Advise HR and project leadership on employment lifecycle security considerations (onboarding, role change, exit procedures).
Information Security
- Implement and monitor information security controls aligned with company policy and project sensitivity levels.
- Ensure secure handling, sharing, and storage of digital and physical information, including drawings, specifications, schedules, and restricted technical documentation.
- Enforce procedures for classification, marking, and protective handling of sensitive information.
- Coordinate with IT to ensure secure use of systems, mobile devices, cloud services, and site‑based technology.
- Support implementation of Secure‑by‑Design principles for sensitive construction environments.
- Lead or support incident response for data breaches, cyber‑related issues affecting site operations, or loss of information assets.
Compliance and Governance
- Ensure compliance with relevant legislation, standards, and client frameworks (e.g., health & safety law, data protection, security‑specific project requirements).
- Maintain policies, procedures, and audit readiness for security assurance activities.
- Prepare reports, dashboards, and risk assessments for internal governance and external stakeholders.
- Participate in tender responses, client meetings, audits, and design reviews for security aspects.
Risk Management
- Carry out security risk assessments across the project lifecycle (design, construction, commissioning).
- Identify emerging threats (criminal, environmental, cyber, insider) and implement mitigation measures.
- Maintain security risk registers and ensure controls remain proportionate and effective.
Incident Management and Investigations
- Lead security incident investigations and coordinate with law enforcement, regulators, and clients where appropriate.
- Maintain incident logs, root‑cause analyses, and lessons‑learned processes.
- Develop and exercise emergency and crisis response plans relevant to security scenarios.
Leadership and Stakeholder Engagement
- Act as the primary security SME to project teams, senior management, and client representatives.
- Support security integration into site planning, logistics, design, and operational decision‑making.
- Build strong working relationships with police, local authorities, regulators, and security partners.