Schedule async security policies bot user create before scheduled scans
What does this MR do and why?
We would like to enhance the user experience after a recent fix for a security incident: create the bot user asynchronously when it is missing for the project; otherwise, customers without a configured security policy bot will not be able to run scheduled scans defined as Scan Execution Policies.
As part of this change, we are also modifying ee/app/workers/security/orchestration_policy_rule_schedule_worker.rb and moving the setting of the next time for the schedule so that it is set when the initial criteria are met:
- creation of bot user is scheduled,
- the project is not marked for deletion.
The idea behind it is that we want to schedule the creation of the bot user, and then the next time the worker picks up schedules, the bot user will be created, and the job will be able to perform successfully. Without moving this, the user could potentially wait a very long time for the execution of the scan (depending on the cadence parameter in the policy configuration).
How to set up and validate locally
- Create a new project
- Create a scheduled Scan Execution Policy for this project (Secure -> Policies)
- Go to the Rails console, find the security policy bot user for this project, and manually remove it.
- Look in pipelines for your scheduled scans; it should appear, and the security policy bot should be recreated.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #414376 (closed)
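The scheduling argument in the description above, as an added Ruby sketch that is not GitLab's worker code and is not part of this MR: it compares setting the next run time before the checks with setting it only after they pass. All names are hypothetical, and the 15-minute worker interval, the daily cadence, the assumption that the queued bot creation finishes between worker runs, and the reading of the old ordering are assumptions.

```ruby
# Added illustration; not GitLab code. All names here are hypothetical.
Schedule = Struct.new(:next_run_at, :cadence, :bot_present,
                      :marked_for_deletion, :bot_creation_queued)

# Constructed values, in minutes.
WORKER_INTERVAL = 15
DAILY = 24 * 60

# One worker pass over a schedule. Returns true if a scan was started.
# advance_first: true  -> next run time is set before the checks
#                         (assumed earlier ordering)
# advance_first: false -> next run time is set only after the checks pass
#                         (ordering as read from the MR description)
def tick(schedule, now, advance_first:)
  return false if now < schedule.next_run_at

  schedule.next_run_at = now + schedule.cadence if advance_first
  return false if schedule.marked_for_deletion

  unless schedule.bot_present
    # Stands in for enqueueing the asynchronous bot-creation job.
    schedule.bot_creation_queued = true
    return false
  end

  schedule.next_run_at = now + schedule.cadence unless advance_first
  true
end

# Simulates worker passes for a project whose bot user was removed.
# Returns the minute at which the first scan starts, or nil if none does.
def first_scan_minute(advance_first:, horizon: 2 * DAILY)
  s = Schedule.new(0, DAILY, false, false, false)
  (0..horizon).step(WORKER_INTERVAL) do |now|
    return now if tick(s, now, advance_first: advance_first)

    # Assumption: the queued bot creation completes before the next pass.
    if s.bot_creation_queued
      s.bot_present = true
      s.bot_creation_queued = false
    end
  end
  nil
end
```

With these constructed values, the scan starts one full cadence later when the next run time is advanced first, and on the next worker pass when it is advanced only after the checks succeed.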