Position Title: Business Continuity Analyst Location: Midlothian, VA Position Status: Direct Hire Compensation: $75K - $95K
Requirements: 3+ years in a Business Continuity role 1+ years in an Information Security or Governance role
Business Continuity / Disaster Recovery Function:
Collaborate with business unit management and Information Technology (IT) to identify and maintain records of critical business processes and their related systems, and establish acceptable recovery time periods (RTO) and recovery point objectives (RPO) for each function/system. Ensure corresponding documentation is maintained in IT Configuration Management Database (CMDB), as appropriate, to meet business continuity needs.
Collaborate with Process Improvement team and business units to ensure periodic reviews of critical processes are conducted to identify significant changes (i.e. staffing, systems, processes, facilities, etc.) that may impact recovery procedures, backup capabilities, or other aspects of business continuity plans.
Collaborate with Physical Security and/or Facilities, as needed, to monitor the effectiveness of BC/DR procedures in concert with evacuation and other crisis response drills. Based on test results, work with various team leaders and managers to ensure that recovery procedures are effective for the continuation of critical business processes and are revised and strengthened as necessary.
Drive efforts to ensure the creation and maintenance by IT of appropriate documentation supporting technology recovery strategies and technical DR plans and procedures. Review and provide guidance on the scope, methodologies, results and documentation of regular DR and recovery testing.
Review, assess reasonableness of, and maintain a library of individual departments’ specific business continuity procedures and supporting documents, which are not part of the broader, credit-union wide Business Continuity Plan.
Support Physical Security, IT management, and/or Facilities, as needed, in their monitoring of conditions to determine and prepare for the increased likelihood of business interruptions, such as extreme weather or other serious unexpected events that threaten the loss or usability of a facility for an extended period of time.
Develop and maintain appropriate policies related to the Business Continuity and Disaster Recovery Program, and ensure they evolve and expand to meet the changing needs of the organization
Technology Governance Function:
Leverage awareness obtained from business continuity and the team’s vendor management support activities to identify new applications and systems requiring access review and verification; drive collaboration with IT and system administrators to ensure these applications and systems are properly setup and configured within access auditing tool.
Maintain applications, user records, and privileges within the access auditing tool.
Direct the follow up and remediation efforts surrounding improper user privileges and other changes identified in the annual access review; ensure appropriate documentation is maintained for all changes.
Identify and pursue opportunities to further develop and improve access management practices throughout the enterprise.
Support Technology Governance Team with other aspects of technology and information security governance (e.g. vulnerability management, policies and related exceptions, etc.).
Stay abreast of emerging trends, practices and/or risks impacting technology and information security governance and where appropriate make recommendations for addressing the
Minimum Education and Experience:
College degree preferred; may substitute equivalent work experience, preferably in the fields of IT or Information Security.
Significant demonstrated experience in a business continuity leadership role, especially in the financial services or technology industry, is preferred.
BC/DR related certification (CBCP, CCM, etc.) or candidate working towards certification is preferred.
Information Security related certification (CISM, CISA, CISSP, GSEC, etc.) or candidate working towards certification is preferred.
Proficient with Microsoft applications, to include MS Office suite; proficiency with MS SharePoint and MS Visio preferred.
Experience with automated solutions for administering and managing a business continuity function is preferred.