Disaster Recovery/Business Continuity Analyst
Posted on Jan 30, 2021 by Request Technology - Robyn Honquest
Business Continuity/Disaster Recovery Analyst
Location: Lake Forest, IL & Merchandise Mart
You will work in both locations downtown Chicago and Lake Forest 1 to 2 days at a time occassionaly
Must be solid in both Business Continuity and Disaster Recovery with emphasis on Disaster Recovery. looking for someone on the upward swing of their career with great soft skills. Someone who can motivate and influence the areas within the company. Team member will assess processes to identify gaps in business processes and controls and assist in the design and documentation of processes to address the gaps in order to drive compliance in alignment with the program objectives. Additional responsibilities include design, implementation and facilitation of BCM Metrics.
Works with business teams across the global organization to execute the ES Business Continuity Management program framework, extending processes as necessary to help business partners identify confidentiality, availability and integrity risk and manage mitigation to an acceptable level.
- Assist in determining and evaluating the current state of Business Continuity (BC) and Disaster Recovery (DR) planning within assigned Grainger GIS departments and help facilitate the improvement and maintenance of each of those plans, taking into account best practices, industry standards and critical areas of focus for WWG.
- Assist in the implementation and maintenance of a Business Continuity Automated Notification system.
- Participate in testing and training exercises for all Grainger entities as defined by Executive Leadership.
- Support and improve BC/DR document repository.
- Identify changes required to improve BC/DR plans and validate those plan changes with live tests and tabletop exercises with various areas of the global business.
- Assists with BC/DR Plan reviews throughout WWG to ensure necessary documentation is kept up to date.
- Participate in the testing and validation of these plans and work with teams to ensure they are viable and meet Internal Audit and regulatory compliance obligations.
- Participate in the development and maintenance of escalation procedures for Contact Center emergencies.
- Participate in the development, documentation and training of team members on an Automated Notification System.
- Assist in the development and maintenance of BC/DR training programs for all WWG departments and locations.
- Assist in BC/DR support for the WWG key locations.
- Assist with periodic call notification tests with all departments, including C-level executives.
- Work to maintain BC Intranet website and other communications channels and repositories.
- Provides inputs to global business continuity management processes in developing controls needed for the mitigation of risks for business processes which are not compliant with information security and risk frameworks
- Assist other team members within the business organization in assessing risk, developing appropriate controls and advising on creation of action plans to address gaps.
- Collaboratively works to influence and socialize ES strategies, standards, policies, procedures, communications and governance.
- Provides guidance with respect to needed changes to established IT Security policies based on day-to-day interactions with Grainger businesses.
- Takes actions as directed to ensure business awareness of Data Privacy guidance, including the General Data Protection Regulation (GDPR), and appropriate engagement of Data Privacy office, as needed.
- Provides advice to global business units on actions needed to align business requirements with relevant global security frameworks, standards, policies, and procedures.
- Proactively provides relevant inputs to the global risk framework based on the latest government and industry information regarding new threats and vulnerabilities and communicate relevant information to appropriate teams, soliciting action plans if needed.
- Coordinates deployment and measurement of security awareness efforts across Grainger global business units
- Works closely with global business, contract and legal teams to assess proposed terms and conditions, align with appropriate risk profile and provide feedback on changes needed.
- Aligns individual goals to IS GRC, BCM & RIM team goals with S.MA.R.T. objectives
- Recognizes opportunities to balance risk and creativity in quickly responding to business opportunities
- Serves as subject matter expert in providing advice to global business units regarding compliance with applicable frameworks including ISO 27001, NIST Cybersecurity Framework (CSF), Cloud Controls Matrix (CCM) and standards including the Payment Card Industry Data Security Standard (PCI DSS) as well as other frameworks and standards as required.
Preferred Education & Experience:
- College degree or equivalent with emphasis on Computer Science courses.
- BCCP (Business Continuity Certified Planner), BCCS (Business Continuity Certified Specialist) or BCCE (Business Continuity Certified Expert) preferred.
- Experience working with ISO 27001, ISO 27005 (or similar) security framework, OCTAVE, FAIR, NIST RMF standards in operational IT environment preferred
- Operational experience in applying risk frameworks to technologies (including cloud, containers) and continuous processes (including DevOps and Agile software deployment) very helpful
- Must be able to work in a collaborative team environment with individuals at appropriate levels of the Company