HiringCafe
Posted 3w ago

Cyber Resilience & BCP Expert

@ Opella
View All Jobs
Hyderabad, India, India
OnsiteFull Time
Responsibilities:Govern BCP, Coordinate continuity, Lead exercises
Requirements Summary:10+ years in BCP/operational resilience governance; BIAs, plan governance, and exercises; knowledge of cyber incident impacts on operations; ISO 22301, CBCP/MBCI, ITIL; cybersecurity exposure a plus.
Technical Tools Mentioned:AGILE, ITIL, ISO 27001, NIST, CISSP, CCSP, QxP, CIS20
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Job title: Cyber Resilience & BCP Expert

  • Location: Hyderabad

Opella is the self-care challenger with the purest and third-largest portfolio in the Over-The-Counter (OTC) & Vitamins, Minerals & Supplements (VMS) market globally.  

Our mission is to bring health in people’s hands by making self-care as simple as it should be. For half a billion consumers worldwide – and counting.

At the core of this mission is our 100 loved brands, our 11,000-strong global team, our 13 best-in-class manufacturing sites and 4 specialized science and innovation development centers. Headquartered in France, Opella is the proud maker of many of the world’s most loved brands, including Allegra, Buscopan, Doliprane, Dulcolax, Enterogermina, Essentiale and Mucosolvan.

B Corp certified in multiple markets, we are active players in the journey towards healthier people and planet. Find out more about our mission at www.opella.com.

About the job:

Our Team:

Our Governance, Risk & Compliance team, reporting directly to the CISO alongside the Security Architecture and Security Operations & SOC teams, plays a pivotal role in safeguarding the organization's assets and ensuring regulatory compliance. Under the leadership of the Governance, Risk & Compliance Lead, this team ensures our organization's technological infrastructure is secure, compliant, and resilient against evolving cyber threats.

Main responsibilities:

The Digital BCP & Cyber Resilience FTE, reporting to the GRC Lead, will play a pivotal role in ensuring robust risk management and governance on digital business continuity & Cyber resilience within the Governance, Risk & Compliance team. This role will own the governance and lifecycle of Digital Business Continuity Planning (BCP) for critical digital services, and embed cyber resilience into continuity preparedness—ensuring the organization can continue essential operations during cyber disruptions (e.g., ransomware, identity compromise, major outages caused by cyber events). Disaster Recovery (DR) design/execution is out of scope; this role focuses on governance, readiness, coordination, and assurance. Key responsibilities include:

1) BCP Governance & Standards

  • Define and maintain Digital BCP policy, standards, templates, and RACI (plan structure, review cadence, approval workflow, evidence retention).

  • Run the BCP governance cadence (coverage reviews, compliance checks, exception handling, action tracking).

2) BIA & Service Criticality

  • Govern BIA and service tiering for digital services (criticality, maximum tolerable downtime, minimum service levels, dependency mapping across people/process/technology/vendor).

  • Ensure continuity requirements are agreed and owned by business and service owners.

3) Continuity Plans & Operational Workarounds (Non‑DR)

  • Ensure each critical service has current BCP + operational continuity playbooks covering:

    • disruption scenarios, decision triggers, escalation, communications

    • manual workarounds / alternate procedures, minimum service operation, prioritization

    • dependency mapping (identity access, endpoints, networks, third parties, key data flows)

  • Perform plan quality assurance reviews and drive remediation of gaps.

4) Cyber Resilience Integration (BCP in a Cyber Context)

  • Embed cyber-specific continuity requirements into plans for scenarios such as:

    • ransomware/malware spread containment impacts (restricted access, segmented operations)

    • identity compromise / privileged access issues

    • loss of productivity tooling (email/collaboration) and degraded authentication

    • supplier/third-party cyber disruption affecting service delivery

  • Establish cyber continuity playbooks (non-technical) for “operate safely in degraded mode,” including:

    • minimum viable operations, manual approvals, alternative communications, decision authority

  • Coordinate closely with Cybersecurity/SOC/Incident Response to align: escalation paths, comms templates, governance checkpoints, and continuity decisioning.

5) Exercising & Readiness (Cyber-Focused Tabletop/Simulations)

  • Own the exercise program: BCP tabletop exercises and cyber disruption simulations (ransomware, identity outage, supplier breach).

  • Capture outcomes, maintain lessons learned, and drive closure of actions with accountable owners.

6) Reporting, Controls & Audit Readiness

  • Maintain a single source of truth for BIAs, plans, approvals, exercises, actions, and exceptions.

  • Deliver executive dashboards: coverage, plan currency, exercise completion, open actions, exception aging, and cyber-resilience readiness score.

7) Third‑Party Continuity Governance (with Cyber Lens)

  • Embed continuity requirements into vendor onboarding and periodic assurance for critical third parties (BCP attestations, continuity obligations, cyber incident notification alignment, dependency risk reviews).

  • Track concentration/single-point-of-failure risks and drive mitigation plans.

About you

·       Experience:

•        10+ years in BCP / Operational Resilience / IT Service Continuity governance, with demonstrated experience running BIAs, plan governance, and exercise programs.

•        Strong working knowledge of cyber incident impacts on operations (identity/access disruption, ransomware response constraints, third‑party cyber outages) and ability to translate them into continuity playbooks and governance.

•        Preferred certs: ISO 22301, CBCP/MBCI, ITIL (ITSCM); cybersecurity exposure (e.g., CISM/CRISC) is a plus.

·       Soft skills:

•        Broad experience in working in large digital teams, with an understanding of how digital and business processes are linked.

•        Stakeholder management and communication skills, especially when interacting with senior leadership.

•        Skilled problem solver and self-starter.

•        A hands-on pragmatic attitude to driving change.

•        Positive, "can-do" attitude.

·       Technical skills:

•        Experience with AGILE or similar project management frameworks.

•        Proven experience building/operating BCP governance (standards, testing programs, metrics, assurance).

•        Working knowledge of common information security management frameworks (ISO/IEC 27001, ITIL, NIST, NISD, CISSP/CCSP, QxP, CIS20).

·       Education:

•        Bachelor’s and master’s degree (preferred) in any of the following fields of study: Information Technology, Computer Science, Cybersecurity or Information Security

Why us?

At Opella, you will enjoy doing challenging, purposeful work, empowered to develop consumer brands with passion and creativity. This is your chance to grow new skills and be part of a bold, collaborative, and inclusive culture where people can thrive and be at their best every day.

We Are Challengers.

We are dedicated to making self-care as simple as it should be. That starts with our culture. We are challengers by nature, and this is how we do things:

All In Together: We keep each other honest and have each other's backs.

Courageous: We break boundaries and take thoughtful risks with creativity.        

Outcome-Obsessed: We are personally accountable, driving sustainable impact and results with integrity.

Radically Simple: We strive to make things simple for us and simple for consumers, as it should be.

Join us on our mission. Health. In your hands.

www.opella.com/en/careers