Business Continuity Planning and Disaster Recovery Analyst

About The Position

Requirements

• Associate’s degree and one (1) year of progressively responsible experience in IT or business continuity planning / disaster recovery roles or three (3) years of progressively responsible experience in IT or business continuity planning / disaster recovery roles.
• Familiarity with healthcare IT systems, compliance standards (e.g., HIPAA), risk management frameworks, and tools.

Nice To Haves

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
• Three (3) years of progressively responsible experience in business continuity planning / disaster recovery, or audit focused roles in a healthcare or regulated industry
• CBCP, CBCI, CRISC, ISO 22301 Lead Auditor or equivalent certification.
• Practical experience with DR tools and software (e.g., backup solutions, cloud recovery platforms, etc.).
• Ability to rapidly learn and adopt new software tools.
• Exposure to healthcare and education security frameworks (NIST, HIPAA, HITRUST, GLBA).

Responsibilities

• Develop, implement, and regularly update BCP and DR plans for IT Infrastructure, including data backup, system restoration, and emergency response protocols.
• Assist in conducting business impact assessments (BIA), Continuity of Operations Plan (COOP), and risk assessments to identify vulnerabilities in critical functions, such as electronic health records (EHR) systems, supporting systems, supply chain operations, etc.
• Coordinate and help facilitate testing exercises, including tabletop simulations, full-scale drills, and live recovery tests, to validate plan effectiveness and staff training needs and opportunities.
• Collaborate with cross-functional teams, including IT, clinical operations, compliance officers, to ensure BCP/DR into governance frameworks and ensure alignment with industry standards, regulations, and laws.
• Assist in monitoring threats, such as cybersecurity incidents or pandemics, and update plans to incorporate lessons learned from incidents or audits.
• Participate in the development and maintenance of the organization's risk register related to BCP/DR.
• Help in tracking and documenting remediation efforts for identified risks.
• Participate in security auditing processes under the guidance of senior staff.
• Support training and awareness programs for staff on business continuity protocols and their roles in maintaining operational awareness.
• Demonstrate strong analytical and problem-solving skills.
• Show exceptional attention to detail and strong communications skills for training and stakeholder collaboration.
• Effectively communicate with team members to understand and support GRC and BCP/DR initiatives.
• Contribute to third-party risk management by supporting vendor assessments and evaluations.
• Assist in analyzing the risk associated with new applications and provide input for approvals.
• Review change management reports to aid in identifying potential high-risk work that could lead to system outages.
• Ability to work outside regular business hours to support actual business interruptions.