Disaster Recovery/Business Continuity Analyst III
Posted on Apr 3, 2021 by Request Technology - Robyn Honquest
Business Continuity Disaster Recovery Analyst III
Location: Lake Forest, IL or Chicago, IL (Merchandise Mart)
Remote 3 days 2 days on location. Must be a technical Disaster Recovery Analyst who can write Disaster Recovery plans and execute them. You will work with tools like Everbridge and MIR3 to read and follow mass emails and phone texts Emphasis is on Disaster Recovery. Must have good soft skills and be a good motivator and influencer. You will make sure all the areas of the company are up to date in their DR plans and following them and Business Continuity
Works with business teams across the global organization to execute the ES Business Continuity Management program framework, extending processes as necessary to help business partners identify confidentiality, availability and integrity risk and manage mitigation to an acceptable level.
- Assist in determining and evaluating the current state of Business Continuity (BC) and Disaster Recovery (DR) planning within assigned Grainger GIS departments and help facilitate the improvement and maintenance of each of those plans, taking into account best practices, industry standards and critical areas of focus for WWG.
- Assist in the implementation and maintenance of a Business Continuity Automated Notification system.
- Participate in testing and training exercises for all entities as defined by Executive Leadership.
- Support and improve BC/DR document repository.
- Identify changes required to improve BC/DR plans and validate those plan changes with live tests and tabletop exercises with various areas of the global business.
- Assists with BC/DR Plan reviews throughout to ensure necessary documentation is kept up to date.
- Participate in the testing and validation of these plans and work with teams to ensure they are viable and meet Internal Audit and regulatory compliance obligations.
- Participate in the development and maintenance of escalation procedures for Contact Center emergencies.
- Participate in the development, documentation and training of team members on an Automated Notification System.
- Assist in the development and maintenance of BC/DR training programs for all departments and locations.
- Assist in BC/DR support for the key locations.
- Assist with periodic call notification tests with all departments, including C-level executives.
- Work to maintain BC Intranet website and other communications channels and repositories.
- Provides inputs to global business continuity management processes in developing controls needed for the mitigation of risks for business processes which are not compliant with information security and risk frameworks
- Assist other team members within the business organization in assessing risk, developing appropriate controls and advising on creation of action plans to address gaps.
- Collaboratively works to influence and socialize ES strategies, standards, policies, procedures, communications and governance.
- Provides guidance with respect to needed changes to established IT Security policies based on day-to-day interactions with businesses.
- Takes actions as directed to ensure business awareness of Data Privacy guidance, including the General Data Protection Regulation (GDPR), and appropriate engagement of Data Privacy office, as needed.
- Provides advice to global business units on actions needed to align business requirements with relevant global security frameworks, standards, policies, and procedures.
- Proactively provides relevant inputs to the global risk framework based on the latest government and industry information regarding new threats and vulnerabilities and communicate relevant information to appropriate teams, soliciting action plans if needed.
- Coordinates deployment and measurement of security awareness efforts across the global business units
- Works closely with global business, contract and legal teams to assess proposed terms and conditions, align with appropriate risk profile and provide feedback on changes needed.
- Aligns individual goals to IS GRC, BCM & RIM team goals with S.MA.R.T. objectives
- Recognizes opportunities to balance risk and creativity in quickly responding to business opportunities
- Serves as subject matter expert in providing advice to global business units regarding compliance with applicable frameworks including ISO 27001, NIST Cybersecurity Framework (CSF), Cloud Controls Matrix (CCM) and standards including the Payment Card Industry Data Security Standard (PCI DSS) as well as other frameworks and standards as required.
Preferred Education & Experience:
- College degree or equivalent with emphasis on Computer Science courses.
- Candidate should have great inter-personal skills and be a self-starter.
- Good verbal and written communication, facilitation, and interpersonal skills.
- Proficient in Microsoft products (Word, Excel, PowerPoint, MS Project, etc.).
- Knowledge of project and program management is a plus.
- BCCP (Business Continuity Certified Planner), BCCS (Business Continuity Certified Specialist) or BCCE (Business Continuity Certified Expert) preferred.
- Experience working with ISO 27001, ISO 27005 (or similar) security framework, OCTAVE, FAIR, NIST RMF standards in operational IT environment preferred
- Operational experience in applying risk frameworks to technologies (including cloud, containers) and continuous processes (including DevOps and Agile software deployment) very helpful
- Must be able to work in a collaborative team environment with individuals at appropriate levels of the Company