Information & Technology (I&T) Resilience and Continuity Governance, Risk and Compliance (GRC) Lead

London - Paddington (GBR)

DS Smith

DS Smith is an international packaging company, offering sustainable, plastic-free packaging, integrated recycling services, and sustainable paper products.


About the Role

The I&T Resilience and Continuity GRC Lead is responsible for developing and embedding a strategic approach to I&T service resilience and continuity that:

  • Drives forward-looking I&T and business stakeholder engagement across service resilience and continuity requirements, continuous improvement, and assurance.

  • Evolves existing Disaster Recovery and Business Continuity arrangements according to changes in the risk, threat, digital technology and regulatory landscape.  

  • Identifies and challenges potential Disaster Recovery and Business Continuity assumptions across in-house and third-party providers based on lessons learnt and/or identification of gaps.

  • This role requires a broad understanding of multinational manufacturing or industrial environments, and the business impact that may result from risks to the application and infrastructure environments that underpin continuity of services.

Key Responsibilities

  • Work closely with cross-functional teams, including IT, risk, governance, operations, supply chain, and security, to align resilience and recovery arrangements to service and business continuity objectives.

  • Stay updated on industry best practices, emerging threats, and regulatory requirements related to resilience, DR and BCP.

  • Challenge arrangements based on changes in risk and/or lessons learnt to determine discrete or strategic improvements to resilience, continuity, and recovery arrangements.

  • Drive:

    • Resilience and service continuity risk and business impact assessments aligned to business requirements for continuity in the event of a significant disruption or disaster.

    • Testing of plans, review of incident reports and lessons learned, and improvement of plan design and implementation based on the results.

    • Measurement, metrics and reporting for management review and compliance purposes.

  • Ensure roles and responsibilities, processes, and procedures in emergency situations are current and accessible, and that interfaces into related disciplines such as crisis management are tested, improved and maintained.

  • Ensure plans, procedures, and protocols are communicated and accessible.

  • Drive related assurance across both in-house and I&T service provider arrangements.

  • Advise on service resilience and recovery arrangements across Digital, Cloud, On-Premises and Legacy, improving and where necessary developing new standards.

To be successful in this role you will demonstrate:

  • Excellent communication and stakeholder management skills, able to provide subject matter expertise and advice to the business across I&T Resilience and Continuity Governance, Risk and Compliance arrangements.

  • Experience of ensuring third-party or outsourced arrangements are properly engaged and assured, including validation of contract compliance where required.

  • An ability to operate as a subject matter leader in a matrix way, drive a programme approach and deep dive into subject matter detail where needed.

  • Delivering change through others, building a vision, community, and commitment, and addressing related training or support needed for application and infrastructure owners.   

About you

  • Proven experience in implementing IT resilience, service continuity and disaster recovery arrangements aligned to business continuity plans and requirements, preferably within a manufacturing or similar industrial environment.

  • A broad knowledge of manufacturing processes, systems, and technologies.

  • Familiarity with relevant standards (e.g., ISO 22301, NIST SP 800-34) and knowledge of existing and emerging regulations for I&T resilience.

  • Excellent process and technology analytical, problem-solving, and decision-making skills.

  • Effective communication and interpersonal abilities, with the capacity to influence and collaborate across organizational levels.

  • Programme and project management experience, including the ability to assess and assure the current state, and to establish and lead a resulting programme of enhancements.

  • Bachelor’s degree in Business Administration, Engineering, Information Technology, or related field. Advanced degree or relevant certifications (e.g., CBCP, MBCP, CISSP) preferred.

What you will get

  • Competitive salary 

  • Company bonus

  • Car / Car Allowance

  • Private Medical Insurance

  • Pension scheme  

  • 25 days holiday plus bank holidays

  • Electric Car Scheme  

About DS Smith

DS Smith are a leading provider of sustainable packaging solutions, paper products and recycling services in more than 30 different countries. It’s a very exciting time to join, as we have committed to investing in our future across our strategic growth enablers within Innovation (R&D), Sustainability and Digital & Data.

“To fulfil our purpose of redefining packaging for a changing world, we aim to build a diverse, motivated, and engaged workforce. Our goal is to create a culture of inclusion where everyone is treated fairly, differences are valued, and everyone has an equal opportunity to succeed. Our people come from diverse backgrounds, bring different perspectives, ideas and experiences to generate unique solutions focused on present and future sustainability challenges. We welcome all candidates to apply, even those not meeting all criteria.”


Tags: CISSP Cloud Compliance Governance Industrial ISO 22301 NIST R&D

Perks/benefits: Competitive pay Health care Salary bonus

Regions: Asia/Pacific Europe
Country: United Kingdom
