Vice President and Chief Security Risk Officer (CSRO)

Recruiters: Cheniere Energy Inc. 
Location:Houston, TX

Red Five ( specializes in customized and complex security solutions for our unique clientele. Red Five’s personnel have extensive experience in security operations; design and project management; intelligence operations and analysis; threat and vulnerability assessments; investigations; and training corporate and government security professionals around the globe.
Red Five Security is partnering with Cheniere Energy, Inc. to fill the below position of Vice President and Chief Security Risk Officer.  This person will be an employee of Cheniere Energy, Inc. and not Red Five Security. 
The Vice President and Chief Security Risk Officer (CSRO) reports to the Chairman, Chief Executive Officer and President and is accountable for the development and execution of the organization’s global security risk management strategy and related programs. Specifically, this position is responsible for four dimensions of security risk management with respect to the viability and survivability of the enterprise: Financial, Operational, Compliance, and Strategic. The position will lead global programs to safeguard people, assets and information systems, mitigate physical risk and manage loss prevention. The Vice President and Chief Security Risk Officer will convene an enterprise security risk management council or committee to enhance whole-of-enterprise security risk management. The Vice President and Chief Security Risk Officer is responsible for (1) providing regional security teams globally with the necessary standards, processes and guidance to ensure consistent implementation of established security programs and (2) serving as the focal point for security enterprise-wide.

Extensive knowledge and experience is required in the security industry including security of personnel, assets, information systems (corporate and Industrial Control System), loss prevention, travel, and incident response. Knowledge of federal and international government security agencies and contacts is desired. Knowledge of natural gas / Liquefied Natural Gas (LNG) industry is desired.

Critical Domains of Knowledge
The Chief Security Risk Officer should be familiar with the following corporate security domains:
  1. Program Development: Every critical domain, including program strategy and structure; leadership, staffing and organization; finance and budget management; policies, procedures and protocols; technologies and technical systems; physical security; awareness; training; stakeholder communication; enterprise security risk management; and benchmarking against organizations comparable in risk, size, industry focus and business model.
  2. Communications, Monitoring and Intelligence: Develop and later monitor command center operations, communications, and protective intelligence collection and analysis.
  3. Emergency Preparedness: Understanding of planning frameworks, such as the National Response Plan, to prevent/mitigate, prepare, respond and recover from security events, worldwide, including but not limited to acts of targeted violence.
  4. Security Continuity of Operations and Disaster Recovery: Planning required to achieve three elements as relates to information security or physical security event(s): organizational resilience, recovery and contingency.
  5. Executive Protection: Planning, designing implementing, and overseeing a highly customized protective security program that reflects the goals, preferences, lifestyle and privacy of the executive afforded protection. Key areas range from trip logistics, transportation, and advances to residential security, protective intelligence and counter-surveillance. Understanding the thinking and behavior of individuals who have attacked or approached prominent public figures in the United States.
  6. Physical and Facilities Security: From access control and CCTV systems, to perimeter security and physical security personnel, to mail and delivery processing.
  7. Information Security/Cybersecurity: Planning, designing, and managing a sophisticated information security program, including physical and cybersecurity elements, that accounts for the risk profile and risk tolerance of the company. Key areas include risk management (familiarity with ISO27001, SANS 20 Critical Security Controls, NIST 800-37, and/or NIST Cybersecurity Framework), whole-of-enterprise governance, strategy, policies and procedures, technology, technical incident response oversight, and crisis management.
  8. Domestic and International Travel: Provide and continually update travel-related security bulletins, alerts, tips and guidance for company employees on business travel, and manage appropriate security functions for personnel on business travel. In the next three years, travel is anticipated to include select executives traveling to over 15 countries primarily in the Americas, Europe, and Asia, with key offices in the United States and United Kingdom.
  9. Workplace Violence Prevention and Threat Assessment: Company-wide initiatives including active shooter planning, behavioral threat assessment, threat management strategies and support, policy development, threat assessment team management, and employee training and awareness.
  10. Open-Source Monitoring and Protective Intelligence Collection: Knowledge of how to enhance a program to leverage online research, assessment and monitoring of multiple websites, online discussions, chat rooms, message boards, talkbacks and dozens of other forums to uncover issues impacting the company, its assets, employees, brands and reputation. Understanding about how to enhance this program and integrate it with other security program components.
  11. Major Event Security: Planning and coordinating security for major corporate events (estimated ~three per year) and ensuring the security of all participants and stakeholders
  12. Internal Investigations: Areas such as libelous accusations, compliance violations, employee misconduct, fraud and misrepresentation and other internal affairs.
  13. Background Screening: Monitoring of enterprise-wide background screening policies for pre-employment, current employees, and contractors. Familiarity with the necessary scope of background checks required for comprehensive screening.
  14. Aviation Security: All aspects of aviation security, both domestically and internationally.

Essential Duties and Responsibilities
Strategy Design and Implementation: In close collaboration with senior business and functional leaders, develop a formal, documented, risk-driven global security strategy. Ensure that, at minimum, the strategy (1) defines the program’s mission, vision, risk basis, goals, organizational chart and structure, strategic program components, special focus areas, and the processes and resources required to maintain and improve the program over time; and, (2) establishes clear and specific operational priorities to achieve these goals within a three-to-five year period. Oversee its day-to-day implementation across the enterprise.

Risk Assessment and Information Gathering: Understand and assess the risks, threats and vulnerabilities confronting the organization and continuously align business and security resources behind these in a prioritized, risk-driven manner. Gather intelligence and information to assess the risk and exposure of company assets, information, and personnel in the countries, cities and areas in which assets, information, and people are located and business is conducted. Monitor, on a continuous basis, all security threats (such as terrorist incidents, significant protests or civil disturbance, and other country-specific security events) with potential implications for the program’s protective and due diligence mission and objectives.

  • Analyze business and global trends, including by market and geography, in type and level of security risks facing the company’s global operations to determine and implement programs to mitigate risk into the strategic planning processes for the operations.
  • Advise management on security issues and risks that may threaten personnel or assets.

Organizational Resilience and Preparedness: Lead and direct the organization’s preparation for events that could disrupt the continuity of business operations including targeted attacks (e.g., physical, cyber, informational); and criminal activity (e.g., fraud, embezzlement, theft). In addition to continuity of operations with regard to security incidents, oversee the company’s global emergency response and crisis management communication as it pertains to response to a cyber or physical attack. As part of this focus, undertake a robust approach to security incident prevention, response, management and recovery.
  • Provide leadership during times of crisis.
  • Proactively develop programs for risk reduction and response to local, regional and global threats.
  • Participate on the company’s Business Continuity Plan and Emergency Management’s Team, leading these issues with regard to security incidents.
  • Develop and maintain an effective enterprise-wide security incident management tracking and response system.
  • Represent the company on security matters including audits and investigations, involving varied operations (corporate, facilities, pipelines, chartered and/or owned vessels).

Protection of Human Capital, Core Assets, Information and Reputation: Ensure the security of the organization’s financial, physical and intangible assets through a balanced, holistic and integrated approach to the following:
  • People: Identify, develop and maintain the skills and capabilities of the internal and external security personnel assigned to the corporate security program at a best-practice level, including implementing training programs for security and non-security personnel globally regarding pertinent security or risk mitigation topics.  
    • Provide the regional security teams with the tools, processes and training requirements to manage security proactively including development of response teams and contingency plans.
    • Develop security plans for global corporate travel, events, and business activities.
    • Review and coordinate executive and personnel travel protection.
  • Process: Define, develop and implement global security policies, protocols, procedures and guidelines as they pertain to all facets of security risk management. Develop and implement policies and procedures to mitigate known and anticipated risks to personnel, assets, and information, related to personnel protection, facility protection, information security, cybersecurity, workplace violence, loss prevention, travel, and security emergency response.
  • Technology: Maintain and implement technology and state-of-the-art equipment related to providing world-class security risk management services. Advise and oversee facilities and offices to evaluate the adequacy of their security systems, programs and staffing; recommend improvements; and assist with the implementation of the improvements, as needed.

Compliance: Oversee, or where appropriate support, the organization’s compliance with foreign, national, state and local regulatory requirements with respect to areas such as security, data privacy, data protection, and Critical Infrastructure Protection (CIP) standards.

Financial Planning, Budgeting and Performance Tracking: Manage, plan and forecast the operational and capital budgets for the global security program. Track program performance using an organized and systematic methodology of metrics, measurement and security scorecards.

Enterprise Security Risk Management: Coordinate whole-of-enterprise security risk management through a council or committee, likely including senior representatives from Information Technology, Legal, Operational, Human Resources/Facilities and Business/Marketing departments.

Stakeholder Relations: On issues related to security risk management, serve as the company’s chief liaison resource and maintain effective liaison with all internal and external stakeholders in the viability and success of the enterprise, including foreign, national, state and local law enforcement, intelligence, homeland security and industry regulatory agencies and their representatives as well as, where appropriate, media, investors, shareholders and strategic business partners to remain aware of the degree of any threat and the recommended mitigation measures.

Expertise, Skills and Abilities
The qualifications listed below are essential:
  • Exceptional leadership skills including visioning, strategic planning and critical thinking.
  • Expertise in achieving high-performance results in a diverse global corporate environment – including business and financial analytical capabilities and the ability to communicate, collaborate and earn trust with internal stakeholders across the company’s functions, divisions, business units and regions.
  • Strong network of security resources, security industry contacts, and established relationships around the world, both with government and in the corporate sector; an extensive first-hand knowledge of various cultures and business practices worldwide; and an acute understanding of the commonalities and differences in addressing corporate security objectives and imperatives in both U.S. and non-U.S. environments.  
  • Expertise in managing and directing security staff and support personnel in the operational administration of corporate security and executive protection duties.
  • Ability to stay current with the laws, regulations and guidelines pertaining to the company’s industry and an ability to understand precisely how these evolving mandates impact the objectives, protocols and practices of the corporate security team.
  • Ability to prepare clear and succinct written and oral communications for presentation to the company’s board and senior management team.
  • Ability to persuade and influence internal partners in matters associated with corporate security programs or initiatives.
  • Proven track record in building, motivating and leading a professional team attuned to organizational culture, responsive to business needs and committed to integrity and best practices.
  • Ability to work under pressure in stressful, high-profile, sensitive and rapidly changing situations.
  • Ability to maintain a positive relationship with principals, families and executive assistants regarding personal safety and security-related matters and training, as well as administrative support personnel and others who play key roles in logistical planning of executive travel.
  • Discretion – as well as demonstrated experience – in maintaining utmost confidentiality and privacy.

Education and Experience
The candidate must possess a minimum of 15 years experience in working and/or leading, at a senior level, a corporate or government security program, or both. Ten years experience in a corporate security environment, or commensurate senior security risk management experience, is strongly desired. Advanced education is a plus and enhances the candidate’s credentials. BA, BS, and Degrees in law, business administration, accounting and finance, security management, homeland security, information systems management or law enforcement and public safety are preferred. Knowledge of U.S. federal and international government security agencies is desired. The combination of experience and education should be taken into consideration.

Memberships, Licenses and Certifications
Active membership in recognized security organizations such as American Society for Industrial Security (ASIS), International Security Management Association (ISMA) or other professional security associations is desired.

Language and Computer Literacy Skills
Fluency in English is a requirement. Fluency in additional languages is encouraged. The candidate must have proficiency in Microsoft Office applications such as Excel, Word, and PowerPoint.

  • Excellent understanding of corporate security best practices
  • Strong strategic, analytical and decision making skills
  • Ability to communicate complex concepts clearly
  • Ability to plan, coordinate and lead the work of others
  • Strong knowledge of the security industry, including best practices in physical, technical, personnel, information, legal, and administrative security disciplines
  • Experience in creating tools and processes and leading change in a high tech corporate environment
  • Knowledge of current and emerging security technology and integrated security systems
  • Knowledge of investigative techniques and best practices
  • Proven leadership and organizational skills with a practical, operational sense
  • International experience
  • Significant knowledge of federal and international government security community and contacts
Direct Reports :
The CSRO will have significant discretion to build the corporate security risk management team. Direct reports likely include a deputy Security Director or IT Security Director, Guard Force Security Director, Security Analysts, Security Compliance Director, and others as the corporate security function develops.

Freeedom To Act:
Ability to multi-task and function in a highly-dynamic atmosphere; must exercise discretion independently.

Work Conditions: 
Job is performed in a typical office environment but is subject to time pressures and constraints and is often dependent on input from others. Occasionally, work may be performed from home, after normal work hours or on weekends. Periodic travel as business requires. Must also be able to respond on short notice to manage international security and medical crisis intervention, if required. Subject to drug and alcohol testing, per applicable federal regulations or as required by Cheniere.

ADA Job Requirements: 
Reasonable accommodations will be made to ensure that the essential functions of the job can be performed and not hinder the employee's performance due to physical, mental or emotional disability.
Employer will assist with relocation costs.

Apply Online