Senior Manager, Business Continuity Planning
Come make your difference in communities across Canada, where authenticity, trust and making connections is valued – as we shape the future of Canadian retail, together. Our unique position as one of the country's largest employers, coupled with our commitment to positively impact the lives of all Canadians, provides our colleagues a range of opportunities and experiences to help Canadians Live Life Well®.
At Loblaw Companies Limited, we succeed through collaboration and commitment and set a high bar for ourselves and those around us. Whether you are just starting your career, re-entering the workforce, or looking for a new job, this is where you belong.
Role Overview
The Senior Manager, Business Continuity Planning (BCP) is responsible for leading the design, implementation, and continuous improvement of an enterprise-wide Business Continuity Management (BCM) program. This role ensures the organization can effectively prepare for, respond to, and recover from disruptions—including cyber incidents, technology failures, and operational events—while strengthening organizational resilience and advancing alignment with the NIST Cybersecurity Framework.
The role partners closely with Technology, Cybersecurity, Risk, and Business leaders to embed resilience into core operations and ensure continuity capabilities are measurable, testable, and continuously improving.
Program Overview
The BCM Program is designed to enhance organizational resilience by establishing a sustainable, enterprise-wide continuity framework aligned with the NIST Cybersecurity Framework, with particular focus on strengthening Respond (RS) and Recover (RC) capabilities.
Program Objectives
Establish and operationalize a repeatable, measurable BCM framework aligned to NIST standards
Improve incident response coordination and recovery execution across business and technology domains
Reduce recovery time and business impact through clearly defined recovery strategies and objectives
Enable continuous improvement through testing, metrics, and lessons learned
Core Principles
Build Internal Capability: Develop sustainable expertise through structured knowledge transfer, coaching, and embedded ownership across business units
Standardize & Align: Leverage enterprise tools, templates, and methodologies to ensure consistency and auditability
Integrate Resilience Functions: Align BCP with IT Disaster Recovery (DR), Cyber Incident Response, and Crisis Management to support end-to-end resilience
Operationalize & Continuously Improve: Maintain a “living program” supported by regular testing, performance metrics, and governance
Scope & Key Accountabilities
1. Program Leadership & Governance
Lead the enterprise BCM program, including governance, policy, and standards aligned to NIST CSF
Define KPIs and maturity metrics to track improvements in response and recovery capabilities
Provide regular reporting to senior leadership and risk committees
2. Business Impact Analysis (BIA)
Oversee identification and prioritization of critical business services and processes
Validate recovery requirements, including Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO)
Ensure alignment with enterprise risk and technology recovery strategies
3. Risk Assessment & Mitigation
Facilitate enterprise-wide risk assessments focused on operational and cyber resilience
Identify vulnerabilities and define mitigation and resilience strategies
Integrate outputs into broader enterprise risk management processes
4. Business Continuity Planning (BCP)
Develop and maintain actionable continuity plans covering:
Incident response
Business resumption
Service recovery and restoration
Ensure plans are standardized, accessible, and aligned to NIST response/recovery requirements
5. IT Disaster Recovery (DR) Integration
Partner with Technology teams to align DR strategies with business priorities
Ensure DR plans meet defined RTO/RPO targets and support critical services
Validate recovery dependencies across systems, infrastructure, and third parties
6. Crisis Management & Communications
Establish and maintain crisis management frameworks, including:
Escalation protocols
Executive decision-making structures
Internal and external communication strategies
Support real-time incident coordination during major events
7. Emergency & Operational Resilience Integration
Align BCM with emergency management procedures and operational response models
Ensure coordination across physical, cyber, and operational incidents
8. Pandemic & Emerging Risk Preparedness
Incorporate lessons learned from recent global events and evolving threat landscapes
Maintain playbooks for infectious disease, workforce disruption, and supply chain impacts
9. Training, Awareness & Culture
Develop and deliver role-based training programs
Drive enterprise awareness to embed resilience into day-to-day operations
Enable business ownership of continuity capabilities
10. Testing & Exercising
Design and execute scenario-based exercises (e.g., cyberattack, system outage, supply disruption)
Conduct tabletop and simulation exercises to validate readiness
Track gaps, remediation actions, and continuous improvement outcomes
Qualifications & Experience
8–12+ years in Business Continuity, Disaster Recovery, Risk Management, or Cyber Resilience
Strong knowledge of the NIST Cybersecurity Framework and/or ISO 22301
Proven experience building and scaling enterprise BCM programs
Experience integrating BCP with Cybersecurity and IT DR functions
Strong stakeholder management and executive communication skills
Success Measures
Improved maturity scores in NIST Respond and Recover domains
% of critical processes with validated and tested BCP/DR plans
Reduction in recovery times and operational impact during incidents
Successful execution of enterprise-wide exercises and remediation closure rates
Increased business ownership and engagement in continuity planning
Our commitment to Sustainability and Social Impact is an essential part of the way we do business, and we focus our attention on areas where we can have the greatest impact. Our approach to sustainability and social impact is based on three pillars – Environment, Sourcing and Community – and we are constantly looking for ways to demonstrate leadership in these important areas. Our CORE Values – Care, Ownership, Respect and Excellence – guide all our decision-making and come to life through our Blue Culture. We offer our colleagues progressive careers, comprehensive training, flexibility, and other competitive benefits – these are some of the many reasons why we are one of Canada’s Top Employers, Canada’s Best Diversity Employers, Canada’s Greenest Employers & Canada’s Top Employers for Young People.
If you are unsure whether your experience matches every requirement above, we encourage you to apply anyway. We are looking for varied perspectives which include diverse experiences that we can add to our team.
We have a long-standing focus on diversity, equity and inclusion because we know it will make our company a better place to work and shop. We are committed to creating accessible environments for our colleagues, candidates and customers. Requests for accommodation due to a disability (which may be visible or invisible, temporary or permanent) can be made at any stage of application and employment. We encourage candidates to make their accommodation needs known so that we can provide equitable opportunities.
Please Note:
Candidates who are 18 years or older are required to complete a criminal background check. Details will be provided through the application process.
#EN
#SS #LTnA #ON