Campus Pride Jobs

Overview

Essential Functions:

The goals of the resiliency program are, first and foremost, to protect the life and safety of ABM 's workforce, visitors, and other stakeholders, and the communities in which it operates. In addition, the resiliency program is developed to protect the enterprise's brand and reputation in the marketplace when a disruption to normal business operations occurs. This role requires an experienced individual with skills such as strategic thinking, excellent communications, leadership, management and persuasion capability, an understanding of ABM 's business and industry, and a strong willingness to learn and collaborate. The successful resiliency program leader will be able to translate strategy into measurable and effective action-oriented processes and programs, and effectively link the enterprise's resiliency activities to business operations and objectives.

ABM 's resiliency program leader responsibilities include:

Develop and manage resiliency program components, including:

• Program governance framework (see below)

• Program operating framework, (see below)

• Facilitate the development of the resiliency program disciplines that address the response, recovery, restoration and resilience needs of the entire enterprise as defined by the BIA (Business Impact Analysis).

• Facilitate the development and delivery of a testing exercising, maintenance and ongoing improvement program of the response, recovery and restoration strategies and plans to ensure that ABM can effectively respond, manage and recover from major disruptions as a result of a broad range of current, emerging or newly recognized threats. These threats include, but are not limited to, weather-related events, earthquakes/tsunamis, fires, pandemics, terrorist acts, criminal acts, cyberattacks, or political or social turmoil.

• Manage the enterprise's response, recovery and restoration activities in the face of an actual disaster.

• Work across each of the internal and external organizations to ensure the success and effectiveness of the resiliency program, including board of directors/regents, executive management, resiliency executive steering committee, enterprise risk management committee, enterprise operations management committee, line of business/departmental managers, business-unit resiliency program coordinators, IT, human resources, legal/compliance, audit, cybersecurity, physical security, facilities management, suppliers/third parties and business partners, government agencies/national security/first responders, utilities, insurance firms, regulators, and the media.

Resiliency Program Governance Activities

The Resiliency program leader is responsible for the following governance activities:

• Strategy, plan, build, run and manage the ABM 's enterprise wide RESILENCY program governance framework, including:

• Charter/policy, scope, and objectives

• Program and enterprise-wide roles and responsibilities including the RESILENCY program office, the resiliency executive steering committee, and the distributed business unit/division/departmental resiliency program operating structure such as business unit and IT representatives having BC and disaster recovery (DR) responsibilities

• Standards and guidelines, as they apply

• Program status benchmarking and maturity assessment

• Applicable standards, directives, and frameworks based on the industry and geographic location of the enterprise

• Annual program management and reporting schedule program metrics, key risk indicators (KRIs), benchmarking, and program scorecard for all disciplines of the program

• Advise business units on hiring personnel to fulfill the distributed resiliency operating program structure

• Act as chairperson of ABM 's resiliency steering committee and distributed resiliency operating structure forum

RESILENCY Program Operational Management Activities

Plan, build, run and manage the enterprise-wide ABM 's resiliency program operational framework, including:

• Risk assessment for availability threats framework

• Business impact analysis framework

• Dependency mapping framework

• Recovery strategy framework

• Plan templates

• Exercising framework and schedule

• Training and awareness framework and methods

• Program improvement and management framework

• Work in conjunction with the enterprise risk management function to identify and assess business disruption risks and their impacts associated with ABM 's current business practices and strategic plans

• Design and implement an enterprise wide RESILENCY awareness and education program to ensure that nominated responders and business continuity plan owners are competent to carry out their roles. And ensure that all ABM 's personnel clearly understand their responsibilities before, during and after a business disruption

• Work closely with business units, the IT department, information and physical security, and external parties to establish and regularly review key business strategies in alignment with RESILENCY needs, including the recovery and restoration of ABM 's mission-critical business processes, personnel, data and equipment

• Manage cross-enterprise interdependencies and expenditures for resiliency (for example, applications used by many business units across the enterprise)

• Coordinate and facilitate cross-enterprise resiliency exercises, including those with suppliers and business partners

• Develop, negotiate, manage and enforce contracts and SLAs for internal and external RESILENCY service providers as well as resiliency program software solutions, as needed

• Develop formal reporting schedules, coordinate and deliver all enterprise communications to internal management (board of directors, the audit committee, resiliency executive steering committee and business unit management) and external stakeholders (regulators, auditors, customers and so forth) regarding the status of the enterprise resiliency program, including annual reporting, audit report responses and customer requests

• Coordinate resiliency program audits — internal and external, as well as customer/prospect requests for resiliency program assessments

• Manage the execution of all recovery plans when a business disruption occurs

3.3 Advisory and Consulting Activities

The resiliency program leader and direct reports are responsible for providing advisory services to the business and support functions of ABM . Advisory and consulting services should be provided to internal customers as follows:

• Advise business units and the IT department in conducting risk assessments and business impact analyses; in developing appropriate business disruption risk mitigation strategies and controls; and in creating, implementing, exercising, and maintaining resiliency and disaster recovery plans

• Assist business and support functions in evaluating tools and technology that support the enterprise's response, recovery and restoration strategies

• Provide insights before conducting due diligence on mergers, acquisitions, joint ventures, new products/services, facility changes and others

• Assist business and support functions to vet the availability capabilities of business and IT suppliers

• Provide recommendations to business and IT leaders on practices followed in the industry to mitigate availability risks

• Provide advisory services on project management challenges

• Provide advisory services on root cause analysis for delays in the implementation of the resiliency strategy — due to a lack of budget, lack of skill, ignorance of the staff, human error, and difference in understanding of the risk level and impact

Required Qualifications:

Education:

• Bachelor’s degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.

Experience:

• Five-plus years’ experience in resiliency

Licenses:

Preferable, but not required: Certified Business Continuity Professional (CBCP), Master Business Continuity Professional (MBCP), Fellow Business Continuity Institute (FBCI), Member Business Continuity Institute (MBCI), and/or NIMS/ICS certification

Preferred Qualifications:

Education:

• Bachelor’s degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.

Experience:

• Five-plus years’ experience in resiliency

Other:

• Self-aware and capable of remaining calm under intense pressure.

• Strong written and oral communication skills across varying levels of the organization.

• Excellent judgment and the ability to make quick decisions when working with complex situations.

• Organized, with the ability to prioritize and respond within defined SLAs and maintain composure.

• Manager who prioritizes the growth and well-being of team members.

• Generally familiar with one or more but not limited to: PCI, FFIEC, SOX, HIPAA, GDPR, CCPA and GLBA.

• Track record of acting with integrity, taking pride in work, seeking to excel, and being curious and flexible.

• High degree of integrity, trustworthiness, professionalism and character.

• Corporate office environment. Hybrid office 2-3 times per week in the office.

REQNUMBER: 90340

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.