Post Job Free
Sign in

Business Continuity Disaster Recovery

Location:
Markham, ON, L3S 3W8, Canada
Posted:
July 03, 2025

Contact this candidate

Resume:

MOHAMMAD HANIF, CBCI Phone: 647-***-****, 416-***-****

Location: Markham, Canada Email: **************@*******.*** SUMMARY

Highly experienced business continuity and disaster recovery professional with over 20 years of experience in developing, implementing and managing comprehensive Business Continuity and Disaster Recovery strategies, policies, plans, and procedures to ensure business resilience and minimize downtime. Proven record of accomplishment in:

• Developing and implementing comprehensive business continuity plans, including BIAs’ emergency response procedures, crisis communication plans, and employee evacuation procedures.

• Collaborating with cross-functional teams to ensure business continuity and minimize downtime.

• Conducting regular drills and exercises to test BC/DR plans and identify areas for improvement

• Ensuring compliance with industry regulations and standards, including OSFI E-21/B-10/B-13, ISO 22301, AE/SCNS/NCEMA 7000:2021, NIST, BCI, and DRI.

• Conducting risk assessments and Business Impact Analysis with the business units to identify critical business processes and potential threats and crisis management including Cyber Security.

• Designing and implementing disaster recovery solutions, including data backup and recovery systems, and IT service continuity plans.

PROFESSIONAL EXPERIENCE

Senior Business Continuity Manager - Canadian Imperial Bank of Commerce, Toronto (Oct 2024 – Present)

• Manage the overall mandate of the Enterprise Business Continuity Management (EBCM) group through strategic and tactical process initiatives focused on supporting the bank’s Business Units in the strategic management of BCM.

• Ensure an effective enterprise BCM governance framework that is consistent with regulatory requirements and industry best practices/standards are developed, maintained and adhered to across the enterprise.

• Work with Business Units in performing Business Impact Analysis (BIA).

• Design, maintenance and cost effectiveness of the overall enterprise Crisis Management/Business Incident Management/Business Continuity Management Programs, recognizing the increasing importance of the management of business interruption risk in the environments in which CIBC operates. Perform Third Party Risk Assessments and define processes to mitigate those risks. Responsibilities include contributions to operational and simulation testing. In the event of a major business interruption, lead the Enterprise Business Continuity Management (EBCM) team.

• Benchmarking BCM Policy and Standard Guidelines with industry standards and updating accordingly.

• Third Party Risk Management based on OSFI-B-10 guidelines and creating Contingency Plans in case of disruption of the service.

• Ensuring compliance with OSFI-E-21 guidelines.

• Identifying, assessing, managing, and monitoring operational risks to prevent control failures that can lead to financial losses, reputational damage, or security breaches.

• Ensuring the bank can deliver critical operations during disruptions, with a focus on response, recovery, and adapting to changing risk environments.

• Establishing an enterprise-wide operational risk management framework with approved risk appetite, policies, and procedures.

• Identifying and mapping critical operations, setting tolerances for disruption, and conducting scenario testing to assess resilience.

• Business Continuity Risk Management - Planning for and recovering from disruptions, with regular testing and updates.

• Crisis Management - Establishing protocols for crisis response, communication, and recovery.

• Change Management - Assessing and managing operational risks introduced by significant changes. Senior Lead IT Resilience and Recovery Canada Life Assurance, Toronto (Dec 2023 – Sep 2024)

• Developed and implemented comprehensive BC/DR plans and procedures for one of the largest Multinational Insurance and Investment Company in Canada with over 12,000 employees.

• Conducted annual risk assessments including cyber security threats and business impact analysis to identify critical business processes and potential threats and define RTO/RPO ensuring DR process has the capacity and capability for achieving them.

• Introduced a culture of IT resilience among various teams encouraging them to actively participate in their defined DR roles.

• Ensured data backup and replication processes are in place and cover all required systems. Recommend changes to ensure systems are redundant and business can continue in case of an incident

• Ensure that all business units have documented DR Plans that are regularly reviewed and updated.

• Designed and implemented disaster recovery solutions, including data backup and recovery systems, and IT service continuity plans for On-Premises, Cloud (IaaS, SaaS) and Third Party Hosted Applications/Systems.

• Play a leading role in case of a real incident requiring activation of the BC/DR plan.

• Incident management during the disaster recovery exercise.

• Collaborated with cross-functional teams to ensure business continuity and minimize downtime.

• Conducted regular tabletop and DR exercises to test BC/DR plans, failover/failback capabilities, achieving predefined RTOs/RPOs, identify gaps and areas for improvement.

• Ensured maintaining governance within risk framework, compliance with industry regulations and standards, including ISO 22301.

• Ensuring compliance with OSFI-E-21 and B-10 guidelines.

• Establishing a framework to set out clear accountabilities, responsibilities, policies, and processes for identifying, managing, mitigating, monitoring, and reporting on risks related to third-party arrangements.

• Assess the level of risk and criticality of each third-party arrangement before engaging into them and periodically thereafter.

• Conduct due diligence on third-party arrangements, including assessing the third party's financial health, information management, data security, and subcontracting practices.

• Ensured users are trained and aware of BCM and DR process and activities including their roles and responsibilities.

• Liaison with Audit/Compliance teams

Senior IT Disaster Recovery Lead Moneris Payment Solutions, Toronto (May 2022 - Nov 2023)

• Development and implementation of BC/DR plans and procedures for a large organization with over 2,200 employees.

• Conducted annual risk assessments and business impact analyses to identify critical business processes and potential threats and define RTO/RPO ensuring DR process has the capacity and capability for achieving them.

• Working with crisis management team to define policies and procedures.

• Designed and implemented disaster recovery solutions, including data backup and recovery systems, and IT service continuity plans for On-Premises, Cloud (IaaS, SaaS) and Third Party Hosted Applications/Systems.

• Coordinated and conducted regular drills and exercises to test BC/DR plans and identify areas for improvement.

• Taking ownership of third-party risk management program.

• Ensured data backup and replication processes are in place and cover all required systems.

• Ensured compliance with industry regulations and standards, including ISO 22301.

• Ensured users are trained and aware of BCM and DR process and activities.

• Liaison with Audit/Compliance teams

Senior Manager BCM/DR Gulf Investment Corporation, Kuwait (Jul 1998 – Feb 2022)

• Develop, implement, monitor and evaluate the enterprise Business Continuity and IT Disaster Recovery Plans based on industry standards (ISO 22301) to meet critical goals and objectives to ensure all IT services are restored and business resumes normally in the event of a disaster. Contribute in the formation of Business Impact Analysis (BIA). Perform risk and crisis assessments and find solutions to mitigate them

• Ensures the BCP and DRP program aligns with established standards of practice, organizational policies and objectives, and applicable legislation and regulations. Lead the coordination and management of recovery activity in the event of a disaster. Establish Recovery Time Objectives (RTOs) and Recovery Point Objectives

(RPOs)

• Implemented three disaster recovery sites in Kuwait, Bahrain and Luxembourg and performed annual DR exercise for all the sites. This included scheduling and organizing exercise program, educating business continuity coordinators, making relocating arrangements for the teams performing tests, observing and documenting progress, preparing the test results and reports for the higher management and follow-up with any issues reported during the exercise

• Provide leadership and guidance in the development, implementation and evaluation of IT strategies and initiatives related to DRP. Lead the teams for disaster recovery tests or in case of a real disaster to recover the systems back to normal performance. Provide guidance to the IT teams with the methodologies related to invocation of the DRP

• Define and implement criteria for systems and applications recoverability and availability capabilities

• Maintain the current state recovery measures for all IT infrastructure and applications with a view to mitigating disruption to the delivery of IT services in the event of a disaster

• Make ongoing assessments of the BCP and DRP and prepare analysis for further improvement and/or other better alternatives for existing solutions defining costs and implementation schedules

• Coordinate with other teams in the preparation of user guides and training materials. Perform training for the staff and presentations to the end users and the management on BCP goals and objectives and how the process works in a real disaster

Systems Engineer Aetna Life Insurance Company, Toronto, Canada (Oct 1996 – Mar 1998) Data Centre Manager Gulf Investment Corporation, Kuwait (Aug 1986 – Oct 1996) Operations Supervisor Al-Rajhi Banking & Investment Group, Saudi Arabia (Jul 1983 – Jul 1986) IT Operations Officer United Bank Ltd, Karachi, Pakistan (Aug 1979 – Jul 1983) EDUCATION

• Master - Computer Science Kennedy-Western University, Idaho, USA

• Bachelor of Science University of Karachi, Pakistan CERTIFICATION / TRAINING

• Certified Business Continuity Institute (CBCI)

• Certified IT Disaster Recovery (ITDR)

• Certified Risk Management Specialist

• Certified Crisis Management Specialist

• Project Management

• ITIL Foundation

• ISO 27001 Standards

SKILLS

• Business Continuity Management (BCM)

• Disaster Recovery (DR)

• Risk Assessment and Management

• Crisis Management

• Emergency Response Planning

• IT Service Management (ITSM)

• Compliance and Regulatory Requirements OSFI-E-21, B-10 and B-13

• ISO 22301 standards

• Data Backup and Recovery Systems

• IT Service Continuity Planning

• Crisis Communication Planning

• Employee Evacuation Procedures

TOOLS and TECHNOLOGIES

• Business Continuity Planning software (Fusion, BCM Module, Archer)

• Disaster Recovery solutions (AWS, Azure Clouds, Third Party Outsourcing, Backup, Replication)

• IT Service Management tools (ServiceNow, JIRA)



Contact this candidate