The Business Continuity Specialist will lead the design, implementation, and maturation of a Business Continuity Management System (BCMS) aligned with ISO 22301:2019 for a global medical device organization. This is a hands-on implementation role — the specialist will be the sole dedicated resource driving the program from gap assessment through certification readiness across 15 business departments.
**This position will interact with native English speakers on a daily basis.**
Your Main Activities:
BCMS Governance & Framework:
- Establish the BCMS governance framework, including scope statement, BC Policy, RACI matrix, objectives, and KPIs.
- Design and implement a document control framework to standardize versioning, format, and distribution across all BC artifacts.
Business Impact Analysis (BIA):
- Facilitate structured BIA interviews with department BC Champions and Subject Matter Experts (~60–90 minutes per session).
- Create new BIAs for departments with zero coverage (IT, Finance, External BGM Ops, Sales Ops, Procurement, SIOP).
- Refresh and update existing BIAs from 2022–2023 to current MTD/RTO/RPO values.
- Consolidate findings into a cross-departmental risk register with recovery priorities.
BC/DR Plan Development:
- Develop the IT Disaster Recovery Plan in collaboration with IT leadership and infrastructure teams (~30–50 hours of stakeholder engagement).
- Author Incident Response Plan, Crisis Communication Plan, BC Strategies document, and department-level Business Continuity Plans.
- Create and maintain emergency contact lists and plan distribution records.
Exercise & Validation:
- Design the exercise program including scenario selection, scope, objectives, and evaluation criteria.
- Facilitate tabletop exercises with cross-functional participants.
- Produce post-exercise reports with findings, lessons learned, and corrective actions.
Audit Readiness & Continual Improvement:
- Conduct internal audit of the BCMS against ISO 22301 clause requirements.
- Facilitate the management review cycle and document corrective actions.
- Deliver a Certification Readiness Assessment as the final program output.
Project Governance:
- Deliver weekly status reports to the project sponsor and monthly steering committee updates.
You need to have experience with:
- Implementing or maturing BCMS programs in regulated or complex operational environments.
- Facilitating Business Impact Analysis across multiple departments with varying levels of BC maturity.
- Developing BC/DR plans, incident response procedures, and crisis communication frameworks.
- Designing and facilitating tabletop exercises and producing actionable post-exercise reports.
- Conducting internal audits against ISO management system standards.
- Stakeholder management across technical and non-technical audiences, including senior leadership.
- Working independently as the sole program driver with minimal supervision.
- Strong written communication skills for policy, plan, and report authoring.
You will stand out if you have:
- Fluent English skills.
- Proven track record working with U.S.-based companies.
- Bachelor's degree in Information Security, Risk Management, Business Administration, or related field.
- 5+ years of experience in business continuity, disaster recovery, or related roles.
- Experience in the medical device or healthcare industry.
- Familiarity with complementary frameworks such as:
  - ISO 27001 (Information Security)
  - ISO 31000 (Risk Management)
  - HITRUST CSF
  - HIPAA
  - NIST Cybersecurity Framework
Relevant certifications (a plus, not required):
- ISO 22301 Lead Implementer
- CBCP (Certified Business Continuity Professional)
- MBCI (Member of the Business Continuity Institute)
- CISSP, CISA, or CRISC
If you like it, just apply and good luck!