Incident Response, Continuity, and Disaster Recovery Lead
Summary
The Incident Response, Business Continuity, and Disaster Recovery Lead is responsible for ensuring the organization's readiness to effectively respond to and recover from IT- and cybersecurity-related incidents, disruptions, and disasters. This role requires a strategic mindset, technical expertise, and the ability to coordinate efforts across departments to minimize the impact of disruptions and ensure business continuity.
Essential Duties and Responsibilities:
Core Requirements:
· Facilitate and coordinate across teams to develop and maintain incident response plans, including procedures for identifying, assessing, and mitigating incidents.
· Lead incident response efforts during cyberattacks, data breaches, natural disasters, and other emergencies, including leading discussions at both the leadership and technical levels.
· Conduct tabletop exercises and drills to prepare staff for responding to emergencies.
· Coordinate with relevant stakeholders to contain incidents, preserve evidence, and restore normal operations promptly.
· Conduct post-incident reviews to identify lessons learned and coordinate across the enterprise to facilitate the corresponding improvements to the incident response capabilities.
· Develop and maintain business continuity plans, as they relate to IT and cybersecurity, to ensure the organization can continue critical operations during disruptions.
· Identify key business processes, resources, and dependencies to prioritize continuity efforts.
· Conduct business impact analyses to assess the potential consequences of disruptions and determine recovery priorities.
· Coordinate with departmental leaders to develop and test continuity strategies, such as alternate work arrangements, data backups, and redundant systems.
· Develop and maintain disaster recovery plans to provide alternative IT infrastructure, systems, and data following catastrophic events, including the identification and implementation of disaster recovery systems and processes.
· Define recovery time objectives (RTOs) and recovery point objectives (RPOs) for critical systems and applications.
· Coordinate with infrastructure to establish and refine procedures for data backup, replication, failover, and restoration.
· Conduct regular tests and simulations to validate the effectiveness of disaster recovery plans and procedures.
· Assist with training and awareness programs to educate employees on incident response, business continuity, and disaster recovery procedures.
· Promote a culture of preparedness and resilience throughout the organization.
· Stay up to date on the latest IT, security, and industry trends, including their compliance requirements.
· Maintain knowledge of cybersecurity frameworks such as NIST and CIS and other security technology by attending workshops and reviewing publications.
· Responsible for overseeing the security controls for the company with minimal oversight.
· Responsible for designing and implementing new IT and security solutions with minimal oversight.
· With minimal oversight, maintain complex project tasks and interface with various teams.
· Provide thoughts on and assist in developing new features to be added to the SIEM, as it aligns to identified cyber incidents.
· With oversight, identify and design new security policies for the organization.
· Effectively deal with rapid change in a positive manner.
· Assist in process improvements to enhance the efficiency of current operational procedures.
· Coordinate relations with and serve as a liaison between business and IT staff.
· Assist in developing short-term and long-term department goals which support long-term strategic goals.
· Ensure change management processes are followed for any environment and system changes.
· Participate in all company/location driven communication efforts, including huddles, department meetings, and other related efforts.
· Maintain a positive and professional working relationship with peers, management, support resources, and the community with a constant commitment to teamwork and exemplary customer service to present a professional image of D&H Distributing.
· Perform all other duties as assigned by management in a professional and efficient manner.
Qualifications
· Proven experience in incident response, business continuity, disaster recovery, or related fields.
· Strong understanding of cybersecurity principles, IT infrastructure, and risk management frameworks.
· Ability to remain calm and make sound decisions under pressure.
· Experience with incident response tools, business continuity software, and disaster recovery technologies.
· Willingness to participate in on-call rotations and respond to incidents outside of regular business hours, as needed.
· Exceptional verbal and written communication skills
· Effectively communicate complex technological issues in business terms at any level within the organization
· Respond to customer inquiries, effectively communicate critical problems and discuss resolutions with management
· Highly self-motivated and directed
· Ability to prioritize and execute tasks in a high-pressure environment and make sound decisions in emergency situations
Education and/or Experience
· Associate's degree in Cybersecurity or similar area of study required or equivalent years of related work experience
· Bachelor’s degree in Cybersecurity or similar area of study preferred
· At least 3-5 years of experience in cybersecurity with implementation and system maintenance preferred
· Industry certifications (CBCP, CEH, Security+, SANS, CISSP, OSCP, CISA or similar) preferred
· Scripting experience in PowerShell, Python or Perl preferred