Job Description

The Director, Business Continuity Management will manage and lead the enterprise business continuity program across the organization. This role will be responsible for the management and coordination of Enterprise level programs, specifically developed and implemented to ensure the company has in place the necessary processes and programs to respond and recover from significant business disruptions.

Responsibilities include coordinating and facilitating the design, development, maintenance and testing of crisis response and recovery plans for critical corporate functions and operating unit processes to ensure an integrated approach for BCM processes across the Company. To be successful in this role, the Director is skilled in current Business Continuity management process and platforms with a strong understanding of business, infrastructure operations and related technologies. This role reports directly to the Senior Director of Enterprise Risk Management (ERM).

Success in this role requires an authentic people leader with strong leadership experience who will be able to balance team objectives, hands-on leadership of the varied Business Continuity processes and collaboration across multiple business organizations. Leadership and vision in driving the future state objectives of the organization in alignment with Cybersecurity, Enterprise Risk Management, Disaster Recovery and business goals will be essential to success. This individual will engage with peers to understand business and technology objectives with priorities and bring those objectives into alignment with the organization’s BCM requirements.

1. Build and maintain strong positive working relationships with colleagues across the company, business stakeholders and vendors to ensure effective and efficient ways of working.

2. Work closely with BU leadership and internal stakeholders to align stakeholder priorities with operational planning (BIA’s and BCP’s).

3. Review the outcomes of Business Impact Analysis (BIA) and aligning the Business Continuity framework, strategy and plans to support the business need.

4. Develop effective strategies to respond to operational service disruption in the event of a significant incident or disaster.

5. Review, recommend and maintain the BC strategies.

6. Recommend BC solutions based on factors including criticality of systems or data, stakeholder expectations, and vendor capabilities.

7. Identify business continuity risks, potential impact, likelihood and identifying the mitigation for these risks.

8. Champion BC plan awareness efforts with stakeholders and vendors and ensure alignment with business requirements.

9. Responsible for managing the administration of the Business Continuity program, including:

• Ensure that program components (Business Impact Analysis, Business Continuity Plans, Risk Assessments, strategies, etc.) are current, effective, and address the organization’s business requirements.
• Facilitate Business Continuity Exercises and participate in Disaster Recovery Exercises.
• Prepare schedules and materials for Business Continuity training/awareness activities to ensure that disaster recovery teams are educated in implementing the Business Continuity Plans.
• Validate recovery capabilities of vendors and third parties.
• Administer and manage content in the ServiceNow BCM module.

10. Facilitate engagement and interaction across BUs and central support functions to align approaches and share best practices

11. Maintain a single view of risks (of disruption) to important business services and work being done to mitigate those risks

12. Collaborate and work closely with Disaster Recovery to enhance enterprise resilience governance program and synchronization with overall Cybersecurity governance and prioritization.

CAPABILITIES

• Business Acumen and Partnering
• Business Partnering and Ideation
• Determining criticality of business services and supporting systems
• Mapping and understanding critical end-to-end business services
• Business continuity strategy and planning · Designing application resilience and recoverability
• Managing business continuity management system
• Managing emergency notification system (or problem management)
• Aligning criticality and capabilities with third party risk program
• Conducting exercises, tests and simulations that validate the overall recoverability of end-to-end business services
• Collaborate with Disaster Recovery to review cloud and SaaS recoverability information, integrating DR-owned technical recovery strategies into the broader Business Continuity planning framework.
• Stay informed on infrastructure resilience measures, such as security, storage, and network capabilities
• Education and awareness of resilience responsibilities within business, technology and support function

This is a remote position.

This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa. Must be legally authorized to work in the country of employment without needing sponsorship for employment work visa status now or in the future.

Job duties include contact with other employees and access confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company’s staff, employees, and business relationships.

Must be eighteen years or older

FORMAL EDUCATION:

Required:

• Bachelor’s Degree (or foreign equivalent) or in lieu of a degree, at least 12 years in experience in the field of Information Technology or Business (work experience or a combination of education and work experience in the field of Information Technology or Business).

Preferred:

• Master’s degree in Computer Science, Cyber Security, Information Technology, Risk Management, or related field; or equivalent experience
• Certifications: CRISC, CISM, CISA

KNOWLEDGE & EXPERIENCE:

Required:

• 12+ yrs of IT/Cyber experience
• 10+ years of operational resilience and/or business continuity management experience
• 8+ years leading a team of direct reports
• 7+ years of experience with management of regulatory requirements and leading practices within operational resilience
• 7+ years with enterprise resilience or business continuity programs
• 7+ years of experience with common technology control and risk management frameworks like NIST CSF, Secure Controls Framework (SCF) ISO 27000 series, SOC 2, and compliance regimes like Sarbanes Oxley, GDPR, CCPA, etc.
• Broad knowledge of common standards, frameworks, and regulatory requirements
• Ability to observe business, understand pain-points and break-through legacy systems and processes
• Recommend innovative & transformation solutions with strong ROI
• Clear and concise verbal and written communication
• Ability to lead through influence, including at executive levels

Preferred:

• 10+ years working in the Manufacturing or Consumer Products industry
• Experience leading large scale projects
• Auditing across a range of Business Continuity and Disaster Recovery capabilities

At Sherwin-Williams, our purpose is to inspire and improve the world by coloring and protecting what matters. Our paints, coatings and innovative solutions make the places and spaces in our world brighter and stronger. Your skills, talent and passion make it possible to live this purpose, and for customers and our business to achieve great results. Sherwin-Williams is a place that takes its stability, growth and momentum and translates it to possibility for our people. Our people are behind the strength of our success, and we invest and support you in:

Life … with rewards, benefits and the flexibility to enhance your health and well-being
Career … with opportunities to learn, develop new skills and grow your contribution
Connection … with an inclusive team and commitment to our own and broader communities
It's all here for you... let's Create Your Possible

At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commute—it matters to us. A general description of benefits offered can be found at http://www.myswbenefits.com/ Click on “Candidates” to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.

Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable federal, state, and local laws including with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act where applicable.

Sherwin-Williams is proud to be an Equal Employment Opportunity employer.  All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.

As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans.

Please be aware, Sherwin-Williams recruiting team members will never request a candidate to provide a payment, ask for financial information, or sensitive personal information like national identification numbers, date of birth, or bank account numbers during the application process.