Your Purpose

The Resilience Program Manager, is vital in establishing resilience to withstand, recover from, or adapt to challenges or changes within the organization and guaranteeing compliance with regulatory standards. Their responsibilities include defining, managing, enhancing, and maintaining the Organizational Resilience Planning program. Additionally, you will be tasked with monitoring the program's effectiveness and maturity.

Reports To

Information Security Senior Manager

Who You Are

• The role is an information security professional with a minimum of 5 years of experience in Information Technology management, Information Security management or similar organizational resilience management roles.
• You possess strong Leadership and Relationship-building skills. This encompasses the skill to guide other employees in project leadership and oversee a team of specialists. You can effectively coordinate and collaborate with cross-functional teams and external stakeholders.
• You possess at least 3 years of hands-on experience leading business impact analysis (BIA), Application Impact Analysis (AIA), disaster recovery planning(DRP), IT contingency planning, data backup and restoration, or implementing resilient IT systems in cloud environments.
• You have expert knowledge in IT Contingency planning and best practices (e.g. ISO 27031, NIST 800-34).
• You have proficiency in Business Continuity frameworks and best practices (e.g. ISO 22301).
• You possess a competent understanding of AWS Cloud infrastructure.
• You possess a competent understanding of Crisis Management leading and facilitating crisis management exercises and simulations (e.g. tabletop exercises).
• You are a Certified ISO 27031 Lead Implementer or possess an equivalent certification with focus on Business Continuity, IT Contingency planning, or Cyber resilience.
• You possess strong communication skills. These are crucial as the role involves coordinating with internal teams, external auditors, and various technical and non-technical groups during disaster and IT contingency planning scenarios. Being able to effectively communicate initiatives, key messages, recommendations, and remediation strategies to different levels of stakeholders is key.
• You possess strong Project Management skills. Given the role's responsibilities, you must be able to keep track of essential tasks, contacts, and processes that are in place considering a business incident or an implementation project. You possess the ability to manage project portfolios.
• You are an agile and avid learner. Information security is a rapidly evolving field, so you have a willingness to continuously learn and stay updated on the latest trends, threats, and best practices in the industry. Keeping up to date will help in effectively implementing security measures.
• Proven English proficiency. You are comfortable presenting to English-speaking audiences and creating deliverables in that language. You can maintain a fluid conversation in English.
• Finally, you are passionate about your practice and profession, and you can see beyond the technology and controls. You find confluence points and create synergies. You believe in teamwork, and you believe that by empowering an organization to protect itself you are on the side of a noble and much-needed cause.

What You Will Do

• Establish the vision and direction of Bitso's Resilience Planning Program.
• Accountable for designing and maintain IT Contingency plans, strategies, policies, processes, and procedures to correspond with and uphold the organizational risk landscape, information security efforts, and regulatory requirements.
• Accountable for design and coordinate the implementation of Cyber Resilience Standards within the organization.
• Accountable for design and coordinate the implementation of Disaster Recovery Plans and consistently improve them to adhere to defined Cyber Resilience Standards.
• Identify the threats and risks impacting IT operations and the business environment, along with devising corresponding countermeasures as stipulated by regulatory requirements and business imperatives.
• Facilitate the integration of the IT Contingency Planning lifecycle for critical functions, ensuring the proficient development of IT continuity risk assessments, business impact analyses, application impact analyses, cost-benefit analyses, and recovery strategies.
• Align IT Contingency with Business Continuity strategies.
• Understand and adhere to associated risk escalation criteria within partner programs, encompassing Information Security Risk, Business Continuity, Cyber Incident Response, and Enterprise Risk Management.
• Analyze and share Organizational Resilience planning performance metrics.
• Establishing and executing an Organizational Resilience awareness and training program.
• Present the outcomes of planning tests and exercises to executives, highlighting key findings.
• Uphold maintenance standards by conducting regular plan reviews and drills.
• Take part in business continuity tests to ensure operational readiness.

Your Team

As part of the Information Security Governance, Risk, and Compliance team you will:

• Use holistic approaches interconnecting Business Continuity, IT Contingency Planning & Cyber Resilience through project management and applying industry best practices and standards.
• Lead a team of high valued specialists in Business Continuity and IT contingency.
• Connect information security with other departments.
• Ensure that the different lines of business are aligned with the defined organizational resilience culture and practices.
• Work in a matrix organization structure.
• Use Agile approaches in their projects.
• Focus on quality and excellence in their results.

Beyond our team, you will collaborate closely with:

• Organizational risk, compliance, and regulatory internal and external teams to ensure proper adherence to information security compliance processes and regulatory requirements.
• Engineering, Operations, and other technical groups to assist in implementing IT contingency plans and strategies.
• The Organizational Crisis Management Team, fulfilling reporting obligations during crisis scenarios.
• Incident Response Team to coordinate Disaster Recovery Plan activation and recovery strategies.
• Communications team to assist during Crisis management.

Research in Diversity, Equity, and Inclusion suggests that individuals may hesitate to apply for jobs if they do not meet all the listed criteria. At Bitso, we value diversity and your unique strengths could be just what we're looking for. If this role excites you but you don't match every point in the description, we still want to hear from you.

#LI-Remote