Share this Job

Business Continuity/Disaster Recovery Analyst II

Date: Nov 6, 2020

Location: LAKE FOREST, IL, US, 60045-5201

Company: Grainger Businesses

This position drives compliance of global business units with Grainger’s Global Business Continuity Management activities in alignment with Grainger’s IT Governance, Risk Management and Compliance Program. Team member will assess processes to identify gaps in business processes and controls and assist in the design and documentation of processes to address the gaps in order to drive compliance in alignment with the program objectives. Additional responsibilities include design, implementation and facilitation of BCM Metrics.

 

 Principal Duties & Responsibilities: 

 

Works with business teams across the global organization to execute the ES Business Continuity Management program framework, extending processes as necessary to help business partners identify confidentiality, availability and integrity risk and manage mitigation to an acceptable level.

  • Assist in determining and evaluating the current state of Business Continuity (BC) and Disaster Recovery (DR) planning within assigned Grainger GIS departments and help facilitate the improvement and maintenance of each of those plans, taking into account best practices, industry standards and critical areas of focus for WWG.
  • Assist in the implementation and maintenance of a Business Continuity Automated Notification system. 
  • Participate in testing and training exercises for all Grainger entities as defined by Executive Leadership. 
  • Support and improve BC/DR document repository.
  • Identify changes required to improve BC/DR plans and validate those plan changes with live tests and tabletop exercises with various areas of the global business. 
  • Assists with BC / DR Plan reviews throughout WWG to ensure necessary documentation is kept up to date.
  • Participate in the testing and validation of these plans and work with teams to ensure they are viable and meet Internal Audit and regulatory compliance obligations.
  • Participate in the development and maintenance of escalation procedures for Contact Center emergencies.
  • Participate in the development, documentation and training of team members on an Automated Notification System.
  • Assist in the development and maintenance of BC/DR training programs for all WWG departments and locations.
  • Assist in BC/DR support for the WWG key locations.
  • Assist with periodic call notification tests with all departments, including C-level executives.
  • Work to maintain BC Intranet website and other communications channels and repositories. 
  • Provides inputs to global business continuity management processes in developing controls needed for the mitigation of risks for business processes which are not compliant with information security and risk frameworks
  • Assist other team members within the business organization in assessing risk, developing appropriate controls and advising on creation of action plans to address gaps.
  • Collaboratively works to influence and socialize ES strategies, standards, policies, procedures, communications and governance.
  • Provides guidance with respect to needed changes to established IT Security policies based on day-to-day interactions with Grainger businesses.
  • Takes actions as directed to ensure business awareness of Data Privacy guidance, including the General Data Protection Regulation (GDPR), and appropriate engagement of Data Privacy office, as needed.
  • Provides advice to global business units on actions needed to align business requirements with relevant global security frameworks, standards, policies, and procedures.
  • Proactively provides relevant inputs to the global risk framework based on the latest government and industry information regarding new threats and vulnerabilities and communicate relevant information to appropriate teams, soliciting action plans if needed.
  • Coordinates deployment and measurement of security awareness efforts across Grainger global business units
  • Works closely with global business, contract and legal teams to assess proposed terms and conditions, align with appropriate risk profile and provide feedback on changes needed.
  • Aligns individual goals to IS GRC, BCM & RIM team goals with S.M.A.R.T.  objectives
  • Recognizes opportunities to balance risk and creativity in quickly responding to business opportunities
  • Serves as subject matter expert in providing advice to global business units regarding compliance with applicable frameworks including ISO 27001, NIST Cybersecurity Framework (CSF), Cloud Controls Matrix (CCM) and standards including the Payment Card Industry Data Security Standard (PCI DSS) as well as other frameworks and standards as required.

 

Preferred Education & Experience: 

 

  • College degree or equivalent with emphasis on Computer Science courses. 
  • Candidate should have great inter-personal skills and be a self-starter. 
  • Good verbal and written communication, facilitation, and interpersonal skills.
  • Proficient in Microsoft products (Word, Excel, PowerPoint, MS Project, etc.). 
  • Knowledge of project and program management is a plus. 
  • BCCP (Business Continuity Certified Planner), BCCS (Business Continuity Certified Specialist) or BCCE (Business Continuity Certified Expert) preferred.
  • Experience working with ISO 27001, ISO 27005 (or similar) security framework, OCTAVE, FAIR, NIST RMF standards in operational IT environment preferred
  • Operational experience in applying risk frameworks to technologies (including cloud, containers) and continuous processes (including DevOps and Agile software deployment) very helpful
  • Must be able to work in a collaborative team environment with individuals at appropriate levels of the Company

 

Job Segment: GIS, Computer Science, Program Manager, Internal Audit, Technology, Information Security, Management, Finance

 

 “Grainger is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, sexual orientation, disability, or protected veteran status.”