Business Continuity & Disaster Recovery Analyst
Date: Mar 7, 2023
Location: LAKE FOREST, IL, US, 60045-5201
Company: Grainger Businesses
This position drives compliance of global business units with Grainger’s Global Business Continuity Management activities in alignment with Grainger’s IT Governance, Risk Management and Compliance Program. The team member will assess processes to identify gaps in business processes and controls, and will assist in the design and documentation of processes that address those gaps, in order to drive compliance in alignment with the program objectives. Additional responsibilities include design, implementation, and facilitation of BCM metrics.
Principal Duties & Responsibilities:
- Works with business teams across the global organization to execute the ES Business Continuity Management program framework, extending processes as necessary to help business partners identify confidentiality, availability and integrity risk and manage mitigation to an acceptable level.
- Determines and evaluates the current state of Business Continuity (BC) and Disaster Recovery (DR) planning within assigned Grainger GIS departments and helps facilitate the improvement and maintenance of each of those plans, considering best practices, industry standards and critical areas of focus for WWG.
- Implements and maintains the Business Continuity Automated Notification system.
- Leads the Business Impact Analysis execution and maintenance.
- Provides coaching, training, and problem-solving assistance to other analysts.
- Leads testing and training exercises for all Grainger entities as defined by Executive Leadership.
- Maintains and improves the BC/DR document repository.
- Identifies changes required to improve BC/DR plans and validates those plan changes with live tests and tabletop exercises with various areas of the global business.
- Conducts BC / DR Plan reviews throughout WWG to ensure necessary documentation is kept up to date.
- Conducts testing and validation of these plans and works with teams to ensure they are viable and meet Internal Audit and regulatory compliance obligations.
- Executes development, documentation, and training of team members on an Automated Notification System.
- Identifies maturity options for DR roadmap in coordination with other analysts and BCM Manager. Executes project management for DR exercises.
- Develops and maintains BC/DR training programs for all WWG departments and locations.
- BC/DR support for the WWG key locations.
- Conducts periodic call notification tests with all departments, including C-level executives.
- Works to maintain the BC Intranet website and other communications channels and repositories.
- Provides input to global business continuity management processes in developing the controls needed to mitigate risks for business processes that are not compliant with information security and risk frameworks.
- Collaboratively works to influence and socialize strategies, standards, policies, procedures, communications, and governance.
- Coordinates deployment and measurement of security awareness efforts across Grainger global business units.
- Aligns individual goals to team goals with OKRs.
- Serves as subject matter expert in providing advice to global business units regarding compliance with applicable frameworks including ISO 22301, 27001, NIST Cybersecurity Framework (CSF), Cloud Controls Matrix (CCM) and standards including the Payment Card Industry Data Security Standard (PCI DSS) as well as other frameworks and standards as required.
Preferred Education & Experience:
- 6 – 15 years industry experience
- College degree or equivalent with emphasis on Computer Science courses
- Candidate should have great interpersonal skills and be a self-starter
- Good verbal and written communication, facilitation, and interpersonal skills
- Proficient in Microsoft products (Word, Excel, PowerPoint, MS Project, etc.)
- Skilled in project management
- Certified Business Continuity Professional (CBCP) preferred
- Experience working with ISO 22301, 27001, ISO 27005 (or similar) security framework, NIST RMF standards in an operational IT environment preferred
- Operational experience in applying risk frameworks to technologies (including cloud, containers) and continuous processes (including DevOps and Agile software deployment) helpful
- Must be able to work in a collaborative team environment
“Grainger is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, sexual orientation, disability, or protected veteran status.”