About the Role

We are seeking a Senior Information Security Analyst to join the Risk Analytics and Compliance team within our Information Security Governance, Risk, and Compliance (GRC) department. Reporting to the Information Security Manager, this role is crucial for enhancing our disaster recovery and business continuity capabilities.

Key Responsibilities

• Serve as a subject matter expert for disaster recovery compliance.
• Gain comprehensive understanding of UPS's information security and disaster recovery program, mission, and business continuity services.
• Understand and apply disaster recovery compliance requirements as outlined in the UPS Standard Practice Manual.
• Collaborate with application teams to develop high-quality disaster recovery planning (DRP) assessments.
• Contribute to strategic planning to improve and mature the disaster recovery program.
• Support the DR program through operational activities, including understanding DRP assessments and exercise assessment templates.
• Manage and execute IT disaster recovery awareness campaigns and associated training to ensure compliance and quality.
• Generate reports on DR compliance metrics through daily system operational audits.
• Investigate and escalate issues to ensure effective resolutions.
• Conduct audit checks, review DRP and exercise assessments, assign risk, re-audit plans with assigned risks, and provide guidance during review meetings.
• Assist IT teams in creating clear, executable recovery plans, investigate resiliency issues, escalate gaps, track remediation of risks, and provide best practices for planning exercises.
• Handle internal customer inquiries via email, Teams, and phone regarding the OneTrust GRC platform, DR Plan Assessments, DR policies, and DR best practices.

Qualifications

• Bachelor's degree in Computer Science, Computer Engineering, Information Security, or a related field.
• 3 years of experience in an Information Security role.
• Relevant certifications such as CISA, CRISC, CISM, GSEC, or CBCP - Certified Business Continuity Professional are highly regarded.