Job Description

ECU Health

About ECU Health Medical Center

ECU Health Medical Center, one of four academic medical centers in North Carolina, is the 974-bed flagship hospital for ECU Health and serves as the primary teaching hospital for The Brody School of Medicine at East Carolina University. ECU Health Medical Center has achieved Magnet® designation twice and provides acute and intermediate care, rehabilitation and outpatient health services to a 29-county region that is home to more than 1.4 million people.

Position Summary

The IS Disaster Recovery Manager is responsible for developing, implementing, maintaining, communicating, and managing the governance and execution of the disaster recovery management (DRM) program for Vidant Health. The objective of the DRM program is to support IS systems' resilience and timely IS operations recovery following the occurrence of an outage or major disaster, such as cyberattacks, fires, earthquakes, floods, hurricanes, biochemical attacks, and pandemics that result in the partial or complete disruption of business or IS operations.

The IS Disaster Recovery Manager role comprises of activities to ensure that IS service recovery plans are fully developed and achievable by plan owners, support emergency operations plan creation and training, and provide general disaster recovery advising. Duties include conducting risk assessments, business impact analyses, technical requirements gathering, and collaborative development of written disaster recovery plans with plan owners. Major focus will be directed towards their effectiveness to restore services within the guidelines of the information technology service level agreements. This role also functions as the IS disaster event coordinator to help coordinate IS service restoration in a disaster scenario.

The IS Disaster Recovery Manager role requires strong leadership and communication skills to effectively collaborate with senior business unit management in the definition, prioritization and support of key business recovery requirements and objectives. In addition, the IS Disaster Recovery Manager should understand Vidant Health's business and industry. The successful IS Disaster Recovery Manager should be able to translate business operations recovery requirements into action-oriented plans, programs, and recovery testing strategies. The ideal candidate will be able to demonstrate strategic thinking, and effectively align the IS DRM activities with those of the IS Business Continuity, Disaster Management, and Regional Emergency Preparedness & Response programs on a proactive and continual basis.

Responsibilities

Demonstrates a commitment to supporting the business needs of Vidant Health by collaborating with business stakeholders in the development of an effective Disaster Recovery Management Program. The IS Disaster Recovery Manager is responsible for development, implementation, and maintenance of the enterprise-wide Disaster Recovery Program including, but not limited to assessing current risks, developing mitigation strategies and plans, developing and implementing a Technology Crisis Management Plan, and executing a robust testing and maintenance program. (25%)

Develop and implement the DR program. This includes establishing and maintaining all enterprise disaster recovery policies, standards, procedures, and guidelines.

Develop disaster recovery plans by working collaboratively with technology subject matter experts to document system applications and supporting infrastructure.

Create and improve disaster recovery processes and incorporate best practices using internal and external resources.

Lead remediation of corrective actions identified as part of exercises and / or audits.

Develop training for subject matter experts on disaster recovery tools, templates, and methodology for plan development.

Work collaboratively with business continuity, emergency management, and process owners to align disaster recovery plans with business needs.

Utilize disaster recovery software to document and validate all critical recovery information is current.

Facilitate/coordinate periodic reviews, updates, and signoffs to ensure completion of critical recovery documentation of infrastructure consistent with approved corporate policies, standards, and procedures.

Serve as lead in internal and external audit requests.

Assist with incident management protocols during events.

Participate on the Vidant Health Emergency Management Committee.

Develop a multi-year roadmap for the DRM program.

Manage continuous improvement of Disaster Recovery services and related processes.

Analyze and measure the effectiveness of existing disaster recovery service delivery and business processes and develop sustainable, repeatable, and quantifiable improvements.

Research and recommend possible automated approaches for disaster recovery tasks.

Evaluate new technology and tools for the delivery of disaster recovery services and build business cases for their use.
Demonstrates a commitment to customer service by providing responsive and effective support, developing solid working relationships with stakeholders, and delivering high quality, value-added services that exceed customer expectations. (50%)

Design, implementation, and management of Vidant Health's enterprise wide IS DRM program, including DR strategies, policies, maturity models, methodologies, plans, plan exercising, metrics, and scorecards for all components of the program.

Ensure that the IS DRM program collaborates, compliments, and fully aligns with the IS Business Continuity program and Disaster Management and Regional Emergency Preparedness & Response programs.

Participate in assessments of the impact of potential disruptions in IS services, including declaring a disaster and activating the DR plan.

Orchestrate the execution of the disaster recovery plan(s) when a business disruption occurs. Be responsible for data center recovery and serve as the key IS liaison to the IS Business Continuity and Disaster Management teams ensuring that IS technologies and processes support all key availability and recovery requirements.

Develop, negotiate, manage, and enforce contracts, along with associated service-level agreements (SLAs), for external DR service providers, as required.

Manage Vidant's relationship with our colocation vendor.

Initiate and manage data center recovery capacity planning coordination with key IS technology groups in support of specific business unit initiatives (current, planned, and new), focusing on proactively ensuring an adequate recovery network and processing environment, as well as accurate and predictive budgeting.

Interface with the IS Project Management Office to ensure that new and ongoing projects sustain the level of recoverability consistent with business objectives.

Manage the creation of program status communications and provide evidentiary documentation of Disaster Recovery tests to internal management, (e.g., the audit committee, BCM steering committee and business unit management) and external stakeholders (including regulators, auditors, and customers) regarding the status of the DR program, including annual reporting, audit report responses and customer requests.

Partner with internal technical and functional business teams and IS vendors to manage the development, implementation, and maintenance of the Disaster Recovery program to include planning, risk assessment, testing and ongoing process improvement. These internal teams consist of Applications, PMO, Analytics, Informatics, Systems and Procedures, Networking, Security, Server & Storage, End User Services, IAM, and others.

Partner with appropriate stakeholders, including the Director of Disaster Management and Regional Emergency Preparedness & Response Manager, to set recovery time objectives (RTO) and recovery point objectives (RPO) for business-critical application and core business services.

Lead cross functional reviews with technical and business stakeholders to identify high risk areas pertaining to IS disaster recovery and business continuity; provide timely mitigation and remediation plans.

Provide reports summarizing testing activities, outlining goals, planning efforts, scheduling, execution, results, analysis, conclusions, lessons learned and strategic recommendations to IS leadership.

Perform all departmental administrative activities, including staff meeting attendance, monthly status reporting, budgeting, strategic planning, staff performance management, expense processing, documentation, and other activities, as assigned, in a timely fashion.

Coordinate, facilitate and provide detailed direction for all resilience and disaster recovery testing activities. The person who fills this position is expected to collaborate with business continuity management (BCM), business unit management, external business partners and key IS staff members for the purpose of planning, directing, controlling, and maintaining an effective testing plan. This includes detailing lessons learned from tests and using these to form action plans for future improvements.

Provide project management for the disaster recovery team for projects specific to the application of technologies, such as storage mirroring, replication, deduplication technology, public Multiprotocol Label Switching (MPLS)-based network services and infrastructure management software automation.

Have a good background with IS Infrastructure, telecommunications, networks, and client operations.

Have a good working knowledge of IS disaster recovery life cycle, including risk assessment, BIA, plan strategies/development, testing/exercises, and training.

IS Operations Management: Overall IS Operations Management, Service Level Management, Resource Management, Processes & Standards Implementation, Compliance Management, Incident Management, Financial Management, Technical Management, and Information Security Management.

Promotes the philosophical direction of Vidant IS in the adoption of IT Service Management (ITSM) by managing team compliance with IS governance and ITSM processes and ensuring ITSM subject matter expertise within the team.

Participates in the annual external financial audit of security and controls and annual IS risk assessment across the health system. Participates in internal audits, as appropriate, as identified in the annual audit plan. Develops and implements action plans to address any DR related gaps identified during the audit process.
Demonstrates a commitment to employee professional development by providing opportunities for assuming new and varied responsibilities, training, and development, and coaching and mentoring by management and staff. (20%)

Recruits and develops DRM staff to create a high-performing team capable of supporting the current program while developing new skills needed to transform the IS organization and leverage next generation technologies and processes.

Provides promotional and career development opportunities for IS employees within a system that includes career paths, succession planning, and on-the-job training opportunities.

Conducts regular performance appraisals and recommends appropriate personnel actions.

Provides effective on-boarding and on-going coaching, mentoring, and feedback to improve performance, foster personal growth, and let employees know they are valued.

Creates a team oriented, professional work environment providing the requisite challenges to retain talented IS professionals.

Demonstrates a commitment to personal development by maintaining professional knowledge of current trends and developments in the information technology and health care industries through related seminars, independent study, professional associations, and conferences.

Provides direction to direct reports in the performance of their duties and their teams duties as well as establishing work priorities.

Attract and retain talent, and ensure staff development (leadership, cross-functional, technical). Promote and foster diversity.
Demonstrates a commitment to the effective utilization of IS human and financial resources by developing and monitoring capital and operating budgets and a multi-year financial plan to support the DR related IS Strategic Plan. (5%)

Identifies opportunities to leverage economies of scale and drive efficiencies to manage overall operating costs balancing business requirements with Vidant Health financial targets.

Develops a total cost of ownership (TCO) for all new and replacement systems securing business commitment to the one-time and on-going costs and identifying budgetary implications in the current and future fiscal years.

Create, track, and manage annual operating, capital, and project budgets.

Ensures that budgets are correct and timely and manages department spend to meet or beat budget.
Demonstrates commitment by promoting and adhering to the Vidant Health Code of Conduct, which includes the objectives of Vidant Health's compliance program, policies and procedures and ethical business practices. Promotes open, effective, and ongoing communication and the sharing of information among employees and sets the expectation that matters of concern get reported immediately.

Performs other duties as assigned by appropriate personnel.

Minimum Requirements

Bachelor's degree in Computer Science, Information Systems, Information Technology, Information Security, or a combination of education and hands-on work experience equivalence.

Minimum required certification: One (1) - Active Business Continuity \ Disaster Recovery certification such as Certified Business Continuity Professional (CBCP), Disaster Recovery Certified Expert (DRCE), Disaster Recovery Certified Planner (DRCP), Certificate of the Business Continuity Institute (CBCI), Certified Disaster Recovery Engineer (CDRE), Certified Business Continuity Manager (CBCM), Disaster Recovery Certified Specialist (DRCS) or EC-Council Disaster Recovery Professional (EDRP).

ITIL Foundation is required within one year of hire.

Preferred Training: Understanding of and experience in applying ISO 27001, ITIL v3, DRI International (DRII) or Business Continuity Institute (BCI) professional practices, as well as industry-specific regulations and regulatory bodies.

At least (5) years of experience in implementing DR plans, including:

Developing, implementing, maintaining, communicating, and managing the governance and execution of a disaster recovery management (DRM) program at a multi-entity, geographically diverse organization.

Conducting risk assessments, business impact analyses, technical requirements gathering, and collaborative development of written disaster recovery plans.

Developing mitigation strategies and plans, and executing a robust recovery plan testing and maintenance program.

Experience in defining, implementing, and enforcing risk-based standards, processes, and procedures for responding to disruptions in business or IS operations.

Minimum of (3) years of organizational management experience, including:

Proven strategic leadership and relationship management capabilities, including experience with internal stakeholders - particularly senior and LOB management, as well as customers, external business partners and third-party service providers.

Experience in creating and defining new operational models and procedures, and explaining complex problems or situations.

Strong leadership and communication skills are essential criteria for this position, because the IS Disaster Recovery Manager's success depends heavily on cooperation and commitment from every level of Vidant Health's business, and from personnel in many different roles.

Strong operational background and proven track record of accomplishments in Information Services within a large, complex, multi-location organization.

Preferred but not required: Seasoned professional with at least (2) years of health care provider experience that has a deep understanding of health care operations as well as the current business issues and trends influencing health care providers.


Required Knowledge and Skills

Thorough knowledge and understanding of current DR planning techniques and technologies, as well as the methods used to perform risk analyses and business impact analyses.

Working knowledge of data and voice telecommunications to guide the preparation of related recovery procedures. Examples include VMware SRM, EMC SRDF and Oracle Data Guard.

Polished interpersonal skills to communicate tactfully, effectively and with discretion within all levels of management.

Proven experience in maintaining schedules, documentation, communications, and meeting deadlines.

Ability to influence, work with, and coordinate cross-functional teams of technical and non-technical staff to successfully achieve organizational goals and objectives.

Ability to remain calm, helpful, and productive in all situations. Can maintain composure under pressure.

Broad IS knowledge and a comprehensive understanding of IS infrastructure and emerging technologies.

General Statement

It is the goal of ECU Health and its entities to employ the most qualified individual who best matches the requirements for the vacant position.

Offers of employment are subject to successful completion of all pre-employment screenings, which may include an occupational health screening, criminal record check, education, reference, and licensure verification.

We value diversity and are proud to be an equal opportunity employer. Decisions of employment are made based on business needs, job requirements and applicant’s qualifications without regard to race, color, religion, gender, national origin, disability status, protected veteran status, genetic information and testing, family and medical leave, sexual orientation, gender identity or expression or any other status protected by law. We prohibit retaliation against individuals who bring forth any complaint, orally or in writing, to the employer, or against any individuals who assist or participate in the investigation of any complaint.