Role Purpose
The Business Resilience Business Analyst is responsible for supporting the transition of the Cyber Resilience Programme from project delivery into sustainable Business-As-Usual (BAU) operations across Trading & Supply.
The role acts as the central custodian for resilience artefacts, playbooks, manual workarounds, testing schedules, resilience documentation and governance, ensuring that outputs delivered through the programme are operationalised, maintained and continuously improved within the broader T&S Business Resilience Framework.
Working across all Lines of Business, Functions, IDT teams and the CRISP programme, the role ensures that resilience capabilities developed during the programme can be effectively run, maintained, tested and governed beyond programme closure.
Key Accountabilities
Business Resilience Framework Integration: Support the incorporation of Cyber Resilience Programme outputs into the wider T&S Business Resilience Framework.
Define and establish sustainable ownership models for resilience artefacts and capabilities.
Ensure programme deliverables are transitioned into BAU governance, processes and operating models.
Support the development of enduring resilience standards, processes and controls.
Maintain alignment between CRP outputs, CRISP requirements and existing Business Resilience frameworks.
Run & Maintain Model Development
Lead the development of the long-term Run & Maintain approach for cyber resilience capabilities across T&S.
Establish governance, review cycles and ownership models for resilience artefacts.
Define ongoing maintenance requirements for: Cyber Playbooks, MVC Documentation, Manual Workarounds, Critical Role Lists, Recovery Documentation, Testing and Exercising Plans.
Ensure resilience documentation remains current, tested and fit for purpose.
Work with business owners to embed accountability for ongoing maintenance activities.
Playbook & Resilience Artefact Governance
Serve as the central focal point for management, review, publication and communication of Cyber Playbooks across T&S.
Maintain version control, approval workflows and document repositories.
Coordinate regular reviews and updates.
Ensure consistency of resilience documentation across all LOBs.
Monitor compliance with agreed review and approval cycles.
Testing & Exercising Management
Own and maintain the Cyber Resilience Testing and Exercising Schedule.
Coordinate exercises across T&S business units and functions.
Track findings, recommendations and remediation actions.
Ensure testing activities are aligned with Business Resilience Framework requirements.
Support readiness assessments and maturity reporting.
MVC & Manual Workaround Management
Manage workflows associated with maintaining Minimum Viable Company (MVC) documentation.
Coordinate annual reviews and updates of manual workaround procedures.
Monitor documentation completeness, quality and ownership.
Support businesses in maintaining resilience artefacts as part of BAU operations.
Track outstanding actions required to maintain resilience readiness.
Business Analysis & Continuous Improvement
Analyse resilience processes and identify improvement opportunities.
Support development of resilience metrics, KPIs and reporting.
Facilitate workshops and stakeholder engagement sessions.
Gather and document resilience requirements arising from business, regulatory or programme changes.
Support continuous improvement of resilience capabilities and governance processes.
Stakeholder Management
Work closely with: Programme Manager, Cyber Resilience Lead, Business Resilience Manager, Business Resilience SMEs, Change & Engage Lead, LOB Focals, IDT Teams to ensure resilience deliverables are successfully Embedded and maintained across Trading & Supply.
Experience Required
Essential: 5+ years Business Analyst or Business Resilience experience.
Experience in Business Continuity, Operational Resilience, Disaster Recovery or Cyber Resilience programmes.
Experience transitioning project deliverables into BAU operating models.
Strong governance and documentation management capabilities.
Experience facilitating workshops with senior business stakeholders.
Strong analytical, communication and stakeholder management skills.
Proficient in Microsoft 365 collaboration and reporting tools.
Desirable
Experience within Energy Trading, Commodities or Financial Services environments.
Knowledge of Business Continuity Management, Operational Resilience or Cyber Recovery frameworks.
Experience coordinating resilience exercises and testing programmes.
Familiarity with CRISP, MVC or cyber incident response planning.