IT Business Continuity Vendor Continuity Manager for EY in London, UK (salary not disclosed)

November 12, 2021 | News/Articles

The opportunity
The IT Risk Management BCM function creates and maintains business continuity management framework, processes, tooling, and strategy. Our primary objectives are to enable EY Technology to build a risk-aware culture, reduce IT risk, defend against internal and external threats, and protect client and EY data.  A working knowledge of policy frameworks such as ISO, COBIT and unified compliance framework

We offer opportunities to develop new skills and progress your career receiving support, coaching and feedback from colleagues around the world. This role will give you an opportunity to work with some of the best talent in the industry!

Your key responsibilities
In the role of Business Continuity vendor management lead you will be responsible for ensuring compliance of critical vendors with regards to Business Continuity/Disaster Recovery arrangements as per our policies and standard requirements.

Review Vendor Business Continuity/Disaster Recovery arrangements support the review and completion of critical vendor 'checklists', delivering on plans to support any identified gaps/enhancements. Onboarding new vendors and establish regular cadence with the existing vendors.

As an Assistant Director in the ITRM BCM team,

  • Work as an SME of the team, ensuring business critical vendors are onboarded and assessed through a lens of business resilience.
  • You will work with existing critical vendors and ensure the compliance of business continuity/Disaster recovery processes.
  • You will partner closely with the BCM program manager to execute the vision, strategy, goals and objectives of business continuity vendor management program.
  • You will be required to report on vendor compliance to handle exceptions to EY BCM policies
  • Solid understanding of key performance indicators relevant to the role
  • Demonstrated skills in efficiently implementing agreed roadmaps and managing projects/ work streams.
  • Technical knowledge to assess Vendor's BC/DR capabilities.
  • Able to work independently with little supervision

Skills and attributes for success
Seek opportunities for improvement or mitigation of business interruption and other risks caused by business, regulatory, or industry-specific change initiatives

  • Identify improvements to BIA, BC/DR processes, procedures, and tooling
  • Responsible for Vendor compliance and controls in EY Policies

To qualify for the role, you must have
Understanding and exposure to risk management/BCM, preferably in a multinational environment.

  • Experience covering Business Continuity and Disaster Recovery processes and standards
  • Demonstrable experience delivering/implementing/coordinating focus on BC/DR across the business and critical supplier chain.
  • Good knowledge of regulatory resilience requirements in the financial organizations.
  • Your performance will be reviewed regularly in line with EY's performance management program
  • Outstanding interpersonal, communication, organizational, and decision-making skills and ability to communicate and gain support for initiatives
  • Strong English language skills; excellent writing, presentation, interpersonal, and communication skills are required
  • Ability to understand and integrate cultural differences

Required Experience
4+ years of relevant experience in one or more of the following areas: information technology, Business Continuity, Disaster recovery, IT risk management, vendor management or similar roles.

  • A working knowledge of policy frameworks such as ISO, COBIT and unified compliance framework
  • Solid knowledge and working experience in governance, risk and compliance as applies to technology
  • An advanced degree in Computer Science, Information Security or a related discipline, or equivalent work experience.
  • One or more of the following or equivalent certifications: BCI Certified (Business Continuity Institute - AMBCI. MBCI), Certified Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)

Preferred Experience

  • An in-depth understanding of ISO 22301, 27002, ISO 27001, ISO 31000 frameworks and applying these frameworks
  • Technical knowledge of Cloud technologies
  • Project management methodologies and vendor management
  • Familiarity with local and regional regulatory requirements and how they impact IT policies
  • Good understanding of business resilience and supplier chain management.
  • Working knowledge of cloud fundamentals (Azure, AWS, etc.)
  • Proficiency in advanced reporting and data visualization tools, specifically PowerBI
  • Experience with RSA Archer

For more Info: