EY IT Business Continuity Program Manager in Rochester, New York
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
The role of the IT Business Continuity Program Manager is responsible for developing, maintaining, and testing EY Technology’s business continuity program. The manager will support all business plan activities necessary to enable EY Technology to manage a crisis event as well as meet compliance requirements for BCP planning. The position’s primary goals will be to identify, document and test business needs against the IT infrastructure and identify recovery strategies and gaps.
Your key responsibilities
The IT Risk Management function creates and maintains EY Technologies’ risk management framework, processes, tooling, and strategy. Our primary objectives are to enable EY Technology to build a risk-aware culture, reduce IT risk, defend against internal and external threats, and protect client and EY data.
As an Associate Director leading the Business Continuity Management team, you will oversee the management of business continuity across EY Technology including the engagement of firm leadership, the management/remediation of information and technology risks, the interface to operational and business risk activities. You will partner closely with Global IT Risk Management leader to execute on the vision, strategy, goals, and objectives for IT Risk Management. The primary objectives for this role are to develop, maintain, and implement IT business continuity strategies and solutions including risk assessments, business impact assessments, and documentation of business continuity procedures and to act as a coordinator for business continuity efforts during and after a disruption event.
Skills and attributes for success
Serves as a point of escalation for IT business continuity for the firm
Work with all functional business areas to develop and maintain an IT Business Continuity program that addresses business recovery and emergency response management
Support the Director of ITRM in aligning all BCP planning, initiatives and goals with organizational goals and Infrastructure capabilities
Identify and make recommendations for change and adaptation to meet the needs of the business
Analyze impact on, and risk to, essential business functions or information systems to identify acceptable recovery time periods and resource requirements
Prepare research reports on business continuity leading practices and recommendations for implementation
Build and maintain Business Continuity and Business Recovery plans:
Develop and execute the maintenance and testing programs for all business continuity plans:
Facilitate and support the execution of the plans at the time of a crisis event
Lead team of analysts who execute on Business Impact Assessments
Identify improvements to BIA processes, procedures, and tooling
Develop training materials on Business Continuity and Business Impact Assessment subject areas
Define education and awareness plan and execute
Develop training plan for staff and key stakeholders on BCP and BIA
Train staff and managers on risk management and disaster recovery steps
To qualify for the role you must have:
An in-depth understanding of ISO 22301, 27002, ISO 27001, ISO 31000 frameworks and applying these frameworks
10 or more years of experience in the Information Technology, Information Security and/or IT Risk Management field(s)
5+ years managing business continuity within an organization
An advanced degree in Computer Science, Information Security or a related discipline, or equivalent work experience.
One or more of the following or equivalent certifications preferred: Certified Risk and Information Systems Control (CRISC), Certified Information Systems Security Processional (CISSP), Certified Information Security Manager (CISM), Certified Information System Auditor (CISA), Certified Internal Auditor (CIA), Global Information Assurance Certification (GIAC) in related area, CIPP, CIPT
Experience with RSA Archer
In partnership with the Global IT Risk Management Leader, drive adoption of industry leading risk management practices
Familiarity with local and regional regulatory requirements and how they impact IT policies
Experience in developing and executing reporting strategies
Projects advanced consultative skills to conduct effective questioning to break down complex issues into core elements, formulate appropriate ideas or planning and negotiate those ideas and plans clearly and concisely to advance a cooperative engagement by all levels of the organization including senior and/or executive management.
Outstanding interpersonal, communication, organizational, and decision-making skills and ability to communicate and gain support for initiatives
Strong English language skills; excellent writing, presentation, interpersonal, and communication skills are required
What we offer
We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
Please apply to this role only through the ‘Apply’ link (not through the local office). Your application will then be routed to the appropriate recruiting team.
The exceptional EY experience. It’s yours to build.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.