Lead Security Analyst - Business Continuity
Remote, IL, US, N/A
Grainger
Grainger is your premier industrial supplies and equipment provider with over one million products to keep you up and running. Use Grainger.com for fast and easy ordering with next-day delivery available. Rely on our product experts for 24/7...
As a leading industrial distributor with operations primarily in North America, Japan and the United Kingdom, We Keep The World Working® by serving more than 4.5 million customers worldwide with products delivered through innovative technology and deep customer relationships. With 2023 sales of $16.5 billion, we’re dedicated to providing value for customers, fostering an engaging culture for team members and driving strong financial results.
Our welcoming workplace enables you to learn, grow and make a difference by keeping businesses running and their people safe. As a 2024 Glassdoor Best Place to Work and a Great Place to Work-Certified™ company, we’re looking for passionate people to join our team as we continue leading the industry over our next 100 years.
Position Details:
You will drive compliance of global business units with Grainger's Global Business Continuity Management activities with Grainger's IT Governance, Risk Management and Compliance Program. The team member will assess business processes to identify gaps and help design and document processes that address those gaps, guiding compliance with the program goals. Additional responsibilities include design, implementation, and facilitation of BCM metrics.
You Will:
Work with business teams across the global organization to mature the Business Continuity Management program framework, extending processes to help business partners identify availability risk and manage mitigation to an acceptable level. Strong relationship building and communication skills are essential to this role. Role responsibilities will include:
- Establish the approach for evaluating the current state of Business Continuity (BC) and Disaster Recovery (DR) planning within assigned Grainger departments and provide mentorship over the team's improvement and maintenance of each of those plans, considering best practices, industry standards and important areas of focus for Grainger.
- Mature and standardize processes to uphold Business Continuity and Disaster Recovery policy across all business units.
- Leverage metrics to drive tactical response plans for increasing compliance and customer engagement.
- Provide escalated support for the Business Continuity Automated Notification system use, training, and maintenance.
- Establish the approach and framework for the Impact Analysis. Review findings.
- Recommend and develop training programs targeting specific areas of improvement for other analysts. Mentor, train, and support other analysts.
- Develop processes for testing and training exercises for all Grainger entities as defined by Executive Leadership.
- Provide direction and escalation support on the maintenance of the BC/DR document repository.
- Identify options for DR roadmap with other analysts and BCM Manager. Provide support in planning, execution, and metrics for the DR program and exercises.
- Mentor team to identify changes required to improve BC/DR plans and validate those plan changes with live tests and tabletop exercises with areas of the global business.
- Establish plan templates. Conduct BC/DR plan reviews throughout Grainger to ensure necessary documentation is updated.
- Conduct testing of these plans and work with teams to ensure they are viable and meet Internal Audit and regulatory compliance obligations.
- Establish the organizational training goals, and review and approve training materials.
- Provide direct customer support.
- Conduct management and business facing communications.
- Support other analysts in their maintenance of and identification of improvements for the existing BC Intranet website and other communications channels and repositories.
- Work with BCM Manager to develop global business continuity management processes, developing the controls needed to mitigate risks for business processes that are not compliant with information security and risk frameworks.
- Work collaboratively to influence and socialize strategies, standards, procedures, communications, and governance.
- Deploy and measure security awareness efforts across Grainger global business units.
- Align individual goals to team goals with OKRs.
- Be an expert in providing advice to global business units regarding compliance with applicable frameworks including ISO 22301, 27001, NIST Cybersecurity Framework (CSF), Cloud Controls Matrix (CCM) and standards including the Payment Card Industry Data Security Standard (PCI DSS) and other frameworks and standards.
You Have:
- 10+ years industry experience
- College degree or equivalent with emphasis on Computer Science courses
- Proficient in Microsoft products
- Experience with project management
- Certified Business Continuity Professional (CBCP)
- Experience working with ISO 22301, 27001, ISO 27005 (or similar) security framework, NIST RMF standards in operational IT environment
- Operational experience in applying risk frameworks to technologies (including cloud, containers) and processes (including DevOps and Agile software deployment) helpful
Rewards and Benefits:
With benefits starting day one, Grainger is committed to your safety, health and wellbeing. Our programs provide choice and flexibility to meet our team members' individual needs. Check out some of the rewards available to you at Grainger:
- Medical, dental, vision, and life insurance plans
- Generous paid time off (PTO) and 6 company holidays per year
- Automatic 6% 401(k) company contribution each pay period
- Employee discounts, parental leave, 3:1 match on donations and tuition reimbursement
- A comprehensive set of emotional, financial, physical and social wellbeing programs
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
We are committed to fostering an inclusive, accessible environment that includes both providing reasonable accommodations to individuals with disabilities during the application and hiring process as well as throughout the course of one’s employment. With this in mind, should you need a reasonable accommodation during the application and selection process, please advise us so that we can provide appropriate assistance.