Informații principale

Descrierea și cerințele proiectului

IT Specialist Backup and recovery/Resilience

Project name: Enhancing CCO Resiliency

Project description:
The LoB Sales & Trading IT (F_OI5) provides end-to-end IT solutions and support to projects and teams in the client’s CCO area.
For 15 applications, backup plans are not well known or documented. These are Mission Critical applications that need to be restored within the defined business needs because they are essential to the business. Therefore, the aim of the project is to analyze the current backup plans, define a target state and perform a gap analysis in order to adapt each application. The goal is to have well-documented backup plans with RTOs that match the defined requirements for the applications and to test the recovery of at least one backup in a dedicated environment.

Background to the assignment:
-The client does not have the internal resources to conduct the Back-up Analysis tasks listed and described in section 5. However, there is an Information Security Guideline and Polices that need to be followed. Due to the mostly de-central application teams this is quite tedious and needs a dedicated resource to execute this.
-Therefore, the external consultant has a unique position compared to the client's internal project staff and provides significantly different services than the internal staff.

Tasks:
- Assessment of current backup environment: Reviewing and documenting the existing Azure backup infrastructure, policies, and tools in use by taking into consideration information provided by the client in advance based on own knowledge and experience (focus on Mission Critical Applications)
- Inventorying of backup assets: Identification of the following for Mission Critical Applications:
Code: Application code, configuration files, and scripts
Data: Databases, file systems, and critical business data
Secrets: Secrets such as API keys, passwords, certificates, and sensitive information
Identities: User accounts, Active Directory objects, and identity management systems
Azure: App configurations in Azure
- Reviewing of backup and recovery procedures: Evaluation of existing restore processes, disaster recovery plans, and business continuity strategies based on own expertise
- Monitoring backup performance: Analysis of the effectiveness of backup solutions, including success rates, performance, and potential issues
- Conducting risk assessment: Identification and documentation of current risks, vulnerabilities, and gaps in the backup processes and disaster recovery setups
- Assessment of compliance: Review of the current state of backup solutions against industry standards and regulatory requirements (GDPR, HIPAA) as well as the organizational standards
- Assessment of immutability needs: Evaluation of current backup systems for immutability features with the aim of preventing tampering with backup data, integrity and security of critical backup data (incl. finding the setting in Azure and understand the configuration)
- Definition of target state: Establishment of an ideal, optimized backup environment within Azure, considering scalability, performance, and security based on own expertise
- Presentation of the results (sprint meeting) to client for a sign-off
- Development of backup and disaster recovery strategies: Design of a comprehensive strategy for backups and recovery, aligned with business continuity objectives (RTO, RPO). This includes strategies for:
Code: Version control, redundancy, and protection of critical code repositories
Data: Backup strategies for structured (databases) and unstructured (files) data
Secrets: Backup and encryption strategies for managing sensitive information and secure access
Identities: Backup solutions for identity management systems, including directory services and user accounts
Azure: Develop a best-practice Azure configuration strategy, for the mission critical applications
- Immutability of backup data: Integration of immutability features into the backup solution to check backup data is protected from deletion or tampering, especially for mission-critical applications and sensitive information (in Azure)
- Development of gap analysis: Identification of discrepancies between the current state (As-Is) and the desired target state (To-Be), pinpointing areas for improvement
- Evaluation of Azure backup solutions: Assessment of which Azure services (Azure Backup, Azure Site Recovery) will best meet backup and disaster recovery requirements based on own evaluation and expertise
- Development of improvements (proposal of solutions) to close gaps identified in the analysis phase, including technology upgrades, process changes, and new backup strategies and presentation of the proposals to client for a sign-off
- Alignment of backup strategies with business goals: Checking that target states for backup and disaster recovery are in line with client's overall IT and business objectives (provided in advance)
- Documentation of target state design: Creation of clear documentation of the target backup state, including architecture, processes, tools, and security measures. Checking of all backup strategies for mission-critical applications are thoroughly documented with the aim of reaching rapid recovery and minimal business disruption
- Monitoring of the deployment of recommended backup tools and disaster recovery processes within Azure based on own knowledge and experience
- Configuration of Azure backup solutions: Setting up and configuration of Azure Backup, Site Recovery, and necessary services based on the defined target state
- Monitoring backup health: Monitoring of backup job success, performance, and resource usage with the aim of checking optimal functionality based on own evaluation,
- Testing and validation of backup and recovery processes: Conducting testing of backup and restore processes, with the aim that they meet RTO and RPO requirements based on own evaluation of Scope and necessary frequency
- Troubleshooting and resolution of issues: Presentation of (sprint meeting) backup failures, data restoration problems, and gaps identified during the implementation or monitoring phases
- Provision of training: Creation of training material and training of client teams (list of participants will be provided by the client in advance) on new backup procedures, Azure tools, disaster recovery protocols and the optimal setting to be set within Azure
- Documentation of backup policies and procedures: Creation of clear, accessible documentation on backup processes, disaster recovery strategies, and recovery procedures for internal use
- Conducting post-implementation review: Assessment of the success of the backup implementation, identification of any issues, and improvement of backup processes, documentation of the results and handing over to client for further use with a focus on the Azure components
- Compliance: Checking the final solution meets regulatory and compliance standards for data protection, retention, and security based on own knowledge
- Documentation of findings and implementation results (of all findings during the analysis phase and the implementation phase, including challenges, solutions, and the final outcomes) and handing over to the client for future audits and improvements

Start: 15.09.2025
Capacity: 24h/week
Duration: planned till 31.12.2025, extensions possible
Location: remote

Categorie