The Financial Services Information Sharing and Analysis Center (FS-ISAC), was created by and for members and operates as a member-owned 501(c)(6), not-for-profit entity. FS-ISAC serves as a bi-directional information and intelligence organization leading the financial services sector efforts to protect against and mitigate as needed cyber and physical threats and incidents against financial firms.
The FS-ISAC Director of Business Resilience is responsible for developing business resiliency information sharing practices and leading the member-led FS-ISAC Business Resilience Committee (BRC). The Director leads and contributes to FS-ISAC member information sharing services, which strengthen the financial sector by aiding in business restoration planning and event coordination. The Director is also responsible for developing peer best practices, improve crisis response playbooks, participate in exercises, draft crisis response alerts and coordinate during crisis situations. The Director reports to the FS-ISAC’s Vice President of Business Resilience.
- Lead the FS-ISAC Business Resilience Committee (BRC), including:
- Develop trusted information sharing practices and facilitate anonymous member information sharing, and support of peer best practice communications.
- Plan and manage monthly meetings including inviting speakers and developing content.
- Facilitate and engage BRC members in the physical risk assessment survey and ongoing sector physical threat rating process.
- Lead and assist in project management of collaborative BRC projects.
- Develop, maintain and exercise sector coordination playbooks and communication plans in consultation with relevant stakeholders, public sector plans, and the needs of the financial sector.
- Update the FS-ISAC All-Hazards Framework and Playbook appendices.
- Develop, maintain and facilitate training for crisis response playbooks.
- Develop and facilitate business resiliency exercises to improve coordination of consequence management between FS-ISAC membership and relevant stakeholders.
- Ensure that the relevant contact lists and the information within the Critical Information Notification System (CINS) remain current and complete.
- Share leadership responsibility for crisis response and playbook activation, on behalf of FS-ISAC and FSSCC membership.
- Monitor and communicate sector physical and cyber threats alerts and make BRC membership aware of financial sector significance.
- Participate in physical crisis response and cyber incident response for the financial sector.
- Develop and create partnerships to build and manage FS-ISAC crisis response staff activities.
- Document and maintain sector crisis response FS-ISAC policy & procedures.
- Participate with FS-ISAC Intel officers and communication leaders to publish membership alerts.
- Coordinate with public sector and cross-sector agencies.
- Perform all other duties as assigned
- To perform the job successfully, an individual should demonstrate the following competencies:
- Interpersonal Skills – Able to interact with individuals with variety of backgrounds and experience.
- Planning, Organizational and Project Managing Skills – Sets priorities, organizes tasks and activities; effectively handles multiple tasks simultaneously and consistently; plans meetings; develops content for programs and conference calls; manages long-term projects.
- Problem Solving and Analytics – Thinks critically and independently to identify potential situations; effectively communicates issues to the team; identifies and offers problem solving for all related areas.
- Focus on Quality – Is detail-oriented; consistently produces high-quality work without close supervision not only for themselves but also on behalf of the organization ensuring all known content abides by the highest standards set by the organization and its subsidiaries.
- Communications – Writes clearly and concisely. Organizes thoughts in logical manner and communicates effectively.
Bachelor’s degree or equivalent combination of education and experience.
Minimum 7 years leading a Business Continuity program or Crisis Management Teams.
- Experience performing Business Impact Analyses (BIA) and risk assessments.
- Experience in designing and document development:
- Business continuity plans and IT technical recovery plans,
- Crisis response and incident management plans.
Experience implementing FFIEC business continuity, security and third-party regulatory requirements. Knowledgeable in NIST standards for business continuity, technology exercising and cybersecurity risk framework.
- Project management expertise a plus.
- Experience working for an association and/or financial services firm a plus.
- Aptitude for and is well-versed in technology applications and platforms in general (e.g., Office 365, CRM, AMS, SharePoint, Salesforce, cloud-based productivity apps).
This position is performed in an office work environment with physical demands associated with that environment. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.