Master information

Task description and requirements

For one of our clients we are looking for an IT Specialist Back-up and recovery/Resilience

Project name:
Enhancing CCO Resiliency

Project description:
The LoB Sales & Trading IT (F_OI5) provides end-to-end IT solutions and support to projects and teams in client’s CCO area.
For 15 applications, backup plans are not well known or documented. These are Mission Critical applications that need to be restored within the defined business needs because they are essential to the business. Therefore, the aim of the project is to analyze the current backup plans, define a target state and perform a gap analysis in order to adapt each application. The goal is to have well-documented backup plans with RTOs that match the defined requirements for the applications and to test the recovery of at least one backup in a dedicated environment.

Tasks:
Assessment of current backup environment: Reviewing and documenting the existing Azure backup infrastructure, policies, and tools in use by taking into consideration information provided by the client in advance based on own knowledge and experience (focus on Mission Critical Applications)
Inventorying of backup assets: Identification of the following for Mission Critical Applications:
Code: Application code, configuration files, and scripts
Data: Databases, file systems, and critical business data
Secrets: Secrets such as API keys, passwords, certificates, and sensitive information
Identities: User accounts, Active Directory objects, and identity management systems
Reviewing of backup and recovery procedures: Evaluation of existing restore processes, disaster recovery plans, and business continuity strategies based on own expertise
Monitoring backup performance: Analysis of the effectiveness of backup solutions, including success rates, performance, and potential issues
Conducting risk assessment: Identification and documentation of current risks, vulnerabilities, and gaps in the backup processes and disaster recovery setups
Assessment of compliance: Review of the current state of backup solutions against industry standards and regulatory requirements (GDPR, HIPAA) as well as the organizational standards
Assessment of immutability needs: Evaluation of current backup systems for immutability features with the aim of preventing tampering with backup data, integrity and security of critical backup data
Definition of target state: Establishment of an ideal, optimized backup environment within Azure, considering scalability, performance, and security based on own expertise
Presentation of the results (sprint meeting) to client for a sign-off
Development of backup and disaster recovery strategies: Design of a comprehensive strategy for backups and recovery, aligned with business continuity objectives (RTO, RPO). This includes strategies for:
Code: Version control, redundancy, and protection of critical code repositories
Data: Backup strategies for structured (databases) and unstructured (files) data
Secrets: Backup and encryption strategies for managing sensitive information and secure access
Identities: Backup solutions for identity management systems, including directory services and user accounts
Immutability of backup data: Integration of immutability features into the backup solution to check backup data is protected from deletion or tampering, especially for mission-critical applications and sensitive information
Development of gap analysis: Identification of discrepancies between the current state (As-Is) and the desired target state (To-Be), pinpointing areas for improvement
Evaluation of Azure backup solutions: Assessment of which Azure services (Azure Backup, Azure Site Recovery) will best meet backup and disaster recovery requirements based on own evaluation and expertise
Development of improvements (proposal of solutions) to close gaps identified in the analysis phase, including technology upgrades, process changes, and new backup strategies and presentation of the proposals to client for a sign-off
Alignment of backup strategies with business goals: Checking that target states for backup and disaster recovery are in line with client's overall IT and business objectives (provided in advance)
Documentation of target state design: Creation of clear documentation of the target backup state, including architecture, processes, tools, and security measures. Checking of all backup strategies for mission-critical applications are thoroughly documented with the aim of reaching rapid recovery and minimal business disruption
Monitoring of the deployment of recommended backup tools and disaster recovery processes within Azure based on own knowledge and experience
Configuration of Azure backup solutions: Setting up and configuration of Azure Backup, Site Recovery, and necessary services based on the defined target state
Monitoring backup health: Monitoring of backup job success, performance, and resource usage with the aim of checking optimal functionality based on own evaluation
Testing and validation of backup and recovery processes: Conducting testing of backup and restore processes, with the aim that they meet RTO and RPO requirements based on own evaluation of Scope and necessary frequency
Troubleshooting and resolution of issues: Presentation of (sprint meeting) backup failures, data restoration problems, and gaps identified during the implementation or monitoring phases
Provision of training: Creation of training material and training of client teams (list of participants will be provided by client in advance) on new backup procedures, Azure tools, and disaster recovery protocols
Documentation of backup policies and procedures: Creation of clear, accessible documentation on backup processes, disaster recovery strategies, and recovery procedures for internal use
Conducting post-implementation review: Assessment of the success of the backup implementation, identification of any issues, and improvement of backup processes, documentation of the results and handing over to client for further use
Compliance: Checking the final solution meets regulatory and compliance standards for data protection, retention, and security based on own knowledge
Documentation of findings and implementation results (of all findings during the analysis phase and the implementation phase, including challenges, solutions, and the final outcomes) and handing over to client for future audits and improvements

Must have:
English
Back-Up and Recovery expertise
Azure expertise
Resilience expertise.

Nice have:
German
Immutability and Security expertise
Regulatory Compliance Knowledge.

Start: ASAP
Duration: till end of 2025
Capacity: 33h/week
Location: remote

Category