About Estée Lauder Companies
The Estée Lauder Companies is the global leader in prestige beauty - delighting consumers with transformative products and experiences, inspiring them to express their individual beauty. We are the only company focused solely on prestige makeup, skincare, fragrance, and hair care with a diverse portfolio of 25+ brands sold in approximately 150 countries and territories. Infused throughout our organization is a passion for creativity and imagination - a desire to push the boundaries and invent the unexpected - as we continue the bold work of our founder Estée Lauder.
Who We Are
Do you want to be part of the team catalyzing digital innovation, harnessing the power of data, and transforming the fabric of security across the world's most prestigious beauty, skincare, and luxury fragrance brands? Then join the information security and technology team, Enterprise Cybersecurity & Risk (ECR) at Estée Lauder Companies (ELC). ECR's security team fuels cyber defense, technology excellence, risk and compliance, and global resilience. We stay at the forefront of cyber threats to deliver fit-for-purpose tools, technologies, and processes that protect ELC's business operations and empower secure strategic growth. If you thrive in change-rich entrepreneurial environments, then this is the team for you. From our fast-paced delivery plans to our global team expansion, this is an exciting time to join us!
Want more jobs like this?
Get Business Operations jobs in Bucharest, Romania delivered to your inbox every week.
The Data Protection team leads the strategic protection of our company's data by developing and implementing robust protection frameworks to classify and secure sensitive and high-value information. We ensure our company's data is resilient by leading initiatives to fortify data assets, fostering a resilient infrastructure capable of withstanding disruptions, and ensuring the integrity and availability of critical information.
As a member of the Data Protection team, you will lead ELC's enterprise disaster recovery program, including developing policies and managing processes to ensure disaster recovery planning is conducted and exercised for all critical systems. You will ensure IT teams conduct thorough disaster recovery planning and can restore systems and recover data following any unplanned disruption. You will work across multiple teams to prepare ELC for disasters of all types and conduct exercises to assess and enhance readiness.
What You'll Do
You will be responsible for:
- Developing, implementing, maintaining, governing, and facilitating the enterprise's disaster recovery program to ensure systems and data can be recovered following all types of business disruptions (natural, technical, accidental, workforce, supplier, and geopolitical).
- Coordinating with business continuity planning teams to ensure business continuity and disaster recovery plans are integrated and program policies are aligned.
- Developing, implementing, and updating disaster recovery plans, communication protocols, and crisis management tools.
- Assessing and improving the disaster recovery program by evaluating governance models, risks to services, and disaster recovery processes and protocols.
- Developing and executing disaster recovery exercises to test readiness and identify opportunities for improvement.
- Creating and maintaining a secure repository for disaster recovery plans, reference materials, and tools to provide decision-makers with information needed for crisis response and recovery.
- Developing reporting schedules, communications, formal reports, and informal updates to leadership regarding the status of enterprise disaster recovery planning.
- Assessing and reporting on the company's ability to monitor and manage threats and risks related to system availability, crisis response, recovery, and data restoration.
- Assisting with the management of significant events, including guiding the operational aspects of crisis management, the mobilization of teams needed to restore services, minimizing business impact, and identifying opportunities to improve response capabilities and processes.
- Conducting business impact analyses to assess recovery requirements and develop strategies to mitigate gaps. This includes guiding the business in developing and documenting risks and remediation plans.
- Facilitating reviews following crisis events and disaster recovery exercises to assess response efforts, identify lessons learned, enhance response capabilities and processes, and report findings and recommendations.
- Working across functions and business units to review key business strategies and ensure alignment with disaster recovery planning related to critical business processes, systems, and data.
- Coordinating program audits related to disaster recovery planning.
- Advising business units and IT teams on risk assessments, business impact analyses, and disaster recovery planning strategies.
- Providing guidance on disaster recovery plans and requirements for mergers and acquisitions, joint ventures, new technologies and systems, and changes in data storage.
- Developing and delivering training and awareness related to disaster recovery planning.
- Providing leadership to the disaster recovery team and ensuring individual team members are aligned with organizational strategies and business goals.
- Developing, coaching, and mentoring team members.
- Building support from key business stakeholders to advance the goals of the disaster recovery program.
- Working with leadership on long-term strategies related to disaster recovery planning, including allocating resources and budgeting.
- Developing and managing productive working relationships with vendors, business partners, and service providers to ensure they meet the needs of the organization.
- Partnering with IT teams to ensure disaster recovery policies and procedures are effectively implemented.
Qualifications
Who You Are
- You have Business Continuity / Disaster Recovery (BC/DR) Domain Experience
- You have at least 7 years of work experience
- Required Education
- You have an undergraduate degree in technology or equivalent professional experience
- Certifications (preferred, not required)
- Certified Business Continuity Professional (CBCP)
- Certificate of the Business Continuity Institute (CBCI)
- Certified Disaster Recovery Engineer
- EC-Council Disaster Recovery Professional
- Certified Disaster Recovery Engineer
- Certified Functional Continuity Professional (CFCP)
- Master Business Continuity Professional (MBCP)
- Technical Requirements
- Proven experience in data resilience, crisis management, and business continuity
- Proficiency with common risk management tools (GRC, ServiceNow, or similar)
- Familiarity with common cyber security and disaster recovery management tools
- Experience leading and presenting BC/DR processes, including risk register and metrics/trends
- Experience assessing against common security and controls frameworks (FAIR, NIST CSF, NIST 800-52, ISO27001 or equivalent)
- Core Competencies
- Analytical Thinking: You possess strong analytical skills to assess and address complex challenges.
- Attention to Detail: You demonstrate meticulous attention to detail in designing and implementing secure processes.
- Collaboration / Relationship Building: You thrive in a highly collaborative environment, building strong partnerships with various stakeholders and cross-functional partners.
- Communication: You are a strong communicator able to communicate complex concepts to technical and non-technical stakeholders.
- Continuous Improvement: You embrace a mindset of continuous improvement, actively seeking opportunities to enhance cybersecurity practices and adapt to emerging threats.
- Problem Solving: You apply strong problem-solving skills to identify, assess, and resolve incidents effectively.
- Strategic Thinking & Execution: You apply strategic thinking to initiatives, aligning them with overall business goals, and executing plans effectively.
- Leadership Experience
- You have at least 5 years of Business Continuity / Disaster Recovery experience, with at least 3 years of experience managing direct and/or indirect reports in a large, matrixed organization.
- A Natural Leader and Results-Driven Manager: You inspire and guide your team with a clear vision, setting goals that align with organizational objectives.
- A Mentor, Coach, and Team Builder: You champion continuous learning and growth within your team by providing mentorship, and feedback, and cultivating a dynamic and collaborative work environment.
- An Effective Communicator and Change Champion: You foster open communication within your team, making informed decisions and leading your team through change with adaptability and resilience.
- Performance Management & Development: You have demonstrated success in managing the performance of direct reports, and providing consistent feedback and coaching.
Job: Information Technology
Primary Location: RO-B-Bucharest
Job Type: Standard
Schedule: Full-time
Shift: 1st (Day) Shift
Job Number: 243432