Business Continuity & Disaster Recovery Specialist

Posted:
9/18/2024, 4:20:34 AM

Location(s):
Buffalo, New York, United States ⋅ New York, United States

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
Business & Strategy

Workplace Type:
On-site

Overview:

Executes, develops, trains, and educates major program initiatives and projects  in support of Business Resiliency and the Crisis Management Office.  Tracks and implements new or revised regulatory requirements, the Bank’s risk framework and applicable best practices in the field of Organizational Resiliency. Supports the Crisis Management Office by assisting in coordinating incident response/incident management activities, developing crisis management plans, and conducting situational awareness monitoring. Regularly coordinates with and supports key program stakeholders, while leveraging timely & effective verbal/written communication skills.

Primary Responsibilities:

  • Conduct comprehensive Threat and Risk Assessments (TRAs) of critical threats within the Bank’s footprint/critical facilities, coordinating with internal and external Subject Matter Experts (SMEs) to regularly assess threats, probabilities, mitigating controls, and impacts, developing remediation plans to address gaps.

  • Utilize subject matter expertise and available tools, including risk assessments and situational awareness notifications to develop, maintain and/or implement crisis management/incident management response & recovery strategies . 

  • Work closely with business teams and response framework stakeholders to identify potential or ongoing impacts to Bank operations resulting from various types of disruptive events; provide guidance on crisis management best practices, and assist in the coordination of incident response strategies, tasks, and actions.

  • Facilitate effective crisis management exercises and training events, , to include conducting a Needs Assessment, assessing current capabilities/gaps, and developing a comprehensive project plan.

  • Assess the adequacy of existing crisis management plans and procedures, identify opportunities for enhancement, and coordinate with plan owners and stakeholders to ensure issues are remediated.

  •  Administer the Crisis Management Office repository of open action Items, issues, and remediation efforts; develop applicable status reports for program management, track past due items, and coordinate with action item owners to remediate identified issues.

  • Prepare periodic updates and reports on assigned initiatives.

  • Develop reports such as exercise Executive Summaries, After-Action Review records, and action item status reports effectively communicating key information and detailed analysis to program leadership and stakeholders.

  • Support and prepare internal communications as required.

  • Assist in the development and periodic review of Standard Operating Procedures (SOPs) annually and throughout the year as necessary when changes occur.

  • Identify updates needed to key program documentation, response processes, software, and tools, proposing effective changes.

  • Maintain currency on all applicable regulatory, banking and industry standards related to Business Resiliency & Crisis Management, to include remaining current on professional certifications in the field.

  • Prepare for and respond to audit and regulator meetings.

  • Ensure ongoing compliance with BCM program requirements, FFIEC BCM standards and guidelines and any other relevant best practices.

  • Under guidance of the Incident Commander and the Director of the Crisis Management Office, assist with meetings related to a disruptive event, compile situational awareness updates , communicate with response stakeholders , and ensure decisions made by the Incident Commander are shared with  key business lines.

  • Provide administrative support to crisis management team; launch notifications (call, text, email), scribe and help draft effective & timely communications.

  • Complete due diligence reviews for Tier 1 high priority, Tier 2 services and detailed due diligence reviews of Tier 1 critical third-party services as assigned. Complete reviews of third-party non-traditional program oversight programs and any service provider due diligence tests assigned by Third Party Risk Management (TPRM).

  • Work with service owners and third-party vendor relationship managers as needed to assess criticality of the service to the business and ensure the Tier 1 critical third parties maintain compliance with our Program requirements.

  • Strengthen awareness, procedural knowledge, and collaborative relationships related to the Crisis Management program through periodic training, education, and exercises.

  • Assist with creation and administration of training and awareness presentations or materials; develop training materials, train personnel in related organizational or compliance procedures; provide system training to users of the planning system and guidance on plan content.  Provide user feedback to teammates regarding frustrations and suggestions for improvement to the system.

  • Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite.  Identify risk-related issues needing escalation to management.

  • Promote an environment that supports diversity and reflects the M&T Bank brand.

  • Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.

  • Complete other related duties as assigned.

Scope of Responsibilities:

This position receives limited guidance, has internal department project leadership, and will be expected to effectively coordinate with program stakeholders under limited supervision.

Education and Experience Required:

Minimum of 4 years’ combined higher education and/or related work experience

Familiarity with basic risk management and risk assessment concepts

Strong understanding of Organizational Resiliency and Crisis/Incident Management concepts

Knowledge of Business Continuity/Business Resiliency professional practice disciplines, to include Crisis/Incident Management. 

Experience coordinating or actively directing incident response activities

Effective verbal and written communication skills

Ability to work effectively with team members and build interpersonal relationships with stakeholders.

Experience working autonomously in the completion of competing priorities, Business as Usual (BAU) responsibilities, project deliverables and operational support tasks

Proven experience managing assigned projects and utilizing effective time management.

Education and Experience Preferred:

Bachelor's degree

Minimum of 3 years’ experience in 2nd or 3rd line risk within a financial institution

Expertise in Crisis Management/Incident Management roles, to include skills such as threat assessment, situational awareness monitoring, crisis & emergency planning, incident response, and facilitating effective crisis exercises.

Experience in Organizational Resiliency and/or Crisis Management specific to the financial industry.

Certification in Resiliency, Crisis Management, Incident Management, or Business Continuity

Knowledge of financial industry specific regulatory requirements pertaining to Crisis Management such as the FFIEC Business Continuity Handbook or NFPA 1660.

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $60,890.34 - $101,483.90 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Buffalo, New York, United States of America