IT GRC Analyst IV
Description
Summary:
Seeking a Business Continuity (BC) expert who serves as a key resource responsible for management, oversight, implementation, and ongoing administration of Enterprise-wide BC program. Candidate will be expected to have significant subject matter expertise and should have experience developing and implementing a company-wide BC program, preferably in healthcare. Able to work independently requiring minimal direction to deliver high quality results. Seeks out solutions and brings ideas forward. Project and work approach are team centric, creative, analytical and flexible. Must have experience with executive level communication and presentations.
Responsibilities:
Key IT GRC Team resource managing the following responsibilities of the Business Continuity Program:
- Ownership and Subject Matter Expert responsible for Business Continuity Policies, Standards, Procedures, Program Framework, tools and templates.
- Key member of the Business Continuity Steering Committee, responsible for updates on program maturity, metrics, and risk.
- Responsible for setting the strategy and direction of the Business BC Program, working with IT GRC Director, CISO, and BC Steering Committee. Responsible for maintaining a 3-year roadmap.
- Collaborates with Business Leaders and business area staff to train BC business stakeholders and facilitate completion of all business requirements for the Program, including but not limited to Business Impact Analysis, Business Process Analysis, Business Continuity Plan Development, and Testing/Exercising of plans.
- Educates business partners on the importance of Risk Management in their contingency and recovery planning, including preparedness for operational risks (i.e. System and Telephony failures) and scenario based incident planning.
- Works with Disaster Recovery (DR) team to provide business uptime requirements so DR team can identify documents, and test the business requirements for uptime against the infrastructure capabilities in order to implement appropriate recovery strategies and identify gaps/risks.
- Accountable for monitoring BC Program compliance, identifying risks, and improving enterprise preparedness for events/incidents causing business disruption.
- Works with IT Risk Management Program lead to track identified BC issues and risks; including risk acceptances or risk remediation plans that address each risk.
- Ensures all Business Continuity HITRUST requirements are met in order to maintain HITRUST certification.
- Collects, maintains, and analyzes data. Builds reports and/or dashboards to provide security team and Nuvance Health Leadership with information to make data driven decisions.
- Maintains and Models Nuvance Health Values.
- Demonstrates regular, reliable, and predictable attendance.
- Performs other duties as required.
Education and Experience Requirements:
•Bachelor's degree (BS) in MIS, IT, Information Security, Risk Management or related field, or equivalent experience.
•7-10 years recent experience in Business Continuity, Disaster Recovery, Crisis Management, and/or Business Resiliency.
• Healthcare experience strongly desired.
•Experience with implementing and using Business Continuity tools.
Working Conditions:
Manual: Little or no manual skills/motor coord & finger dexterity
Occupational: Little or no potential for occupational risk
Physical Effort: Sedentary/light effort. May exert up to 10 lbs. force
Physical Environment: Generally pleasant working conditions
Company: Nuvance Health
Org Unit: 1795
Department: Information Security
Exempt: Yes
Salary Range: $49.76 - $92.40 Hourly