Working within a small team of experienced information security professionals, the role holder will support the aims and objectives of the Information Security & Resilience (IS&R) function to ensure corporate and client services maintain a high-level of compliance with industry security standards.
Main duties and responsibilities:
• Support the Head of Information Assurance & Resilience in maintaining the maturity the BCMS
ensuring it meets the requirements for compliance with ISO22301.
• Complete business impact analysis reviews.
• Maintain BC plans and a programme of exercises to validate each plan.
• Maintain BC risk registers and provide advice and guidance where required to treat risks while
ensuring that risks are understood by the responsible risk owners.
• Supports any lessons learned activities to identify and track any corrective actions required for
continual improvement of incident response options or resiliency strategies.
• Liaison with key stakeholders
• Maintain the annual scheduled of all activities governed by the Business Continuity Management
• Maintain knowledge of business continuity management and trends.
• Review and updating business continuity training and awareness materials.
• Complete assurance checks to close corrective actions. This includes supporting the compliance
function who will provide independently audit support and track any assurance check findings
Skills, knowledge & Expertise:
Professional qualification in Business Continuity Management, (certified by
the Business Continuity Institute CBCI or AMBCI) or over 3 years’ experience.
ISO22301 – lead auditor or implementer – Diploma in BC or any other
related BC or DR qualification(s).
A solid understanding of business continuity management systems (BCMS)
and industry information security standards (e.g. ISO22301 and ISO27001).
Experience of supporting the maintenance of a BCMS.
Experience in understanding business continuity and information security
risk management processes.
Ability to conduct the role with a large degree of independence and integrity
to engage with stakeholders at all levels within the organisation.
Good understanding of Microsoft Office applications to include Word,
PowerPoint, Project, and Excel.
Have a good understanding of new technologies and their relationship with
resilience / security.
Service: meet contract deliverables in terms of client obligations for business continuity.
People: meet ‘security culture’ targets through driving engagement and completion of
annual security & business continuity training.
Compliance: supporting the team in ensuring compliance with business continuity
requirements and being resilient by design.
- Work from Home and site travel
- Business Continuity Coordinator,