IT - GRC - Business Continuity Program Manager

About The Position

Requirements

• Bachelor’s degree in Business, Risk Management, Information Technology, or related field.
• 7+ years in business continuity, disaster recovery, or risk management roles.
• Strong knowledge of BCM frameworks and regulatory requirements.
• Excellent communication, facilitation, and stakeholder engagement skills.
• Strong problem-solving and analytical skills.
• Ability to work effectively in a collaborative, agile, and fast-paced environment.
• Ability to lead and influence teams without direct authority or reporting relationships
• A proactive and self-motivated approach to work with a strong desire to improve processes and outcomes.

Nice To Haves

• Experience in financial services or credit union industry preferred.
• CBCP (Certified Business Continuity Professional), MBCP (Master Business Continuity Professional), or similar preferred.

Responsibilities

• Program Development & Governance
• Design and maintain the Business Continuity Management (BCM) framework aligned with industry standards (e.g., ISO 22301, FFIEC guidelines, NCUA regulations).
• Establish policies, standards, procedures, and governance for continuity planning across all business units and third-party relationships.
• Risk Assessment & Impact Analysis
• Conduct Business Impact Analysis (BIA) and risk assessments to identify critical processes and dependencies.
• Collaborate with internal and external stakeholders to prioritize recovery strategies and define Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO).
• Develop action plans to mitigate risks identified through impact analysis, assessments, industry intelligence and best practices.
• Plan Development & Maintenance
• Develop and update business continuity and disaster recovery plans through collaboration with all departments and third parties inclusive of various disruption scenarios.
• Ensure integration with IT Disaster Recovery plans and cybersecurity incident response strategies.
• Maintain enterprise inventories of critical processes, applications, facilities and third-party relationships
• Testing & Training
• Coordinate regular BC/DR exercises, tabletop drills, and failover tests with internal departments and external partners.
• Lead post-exercise reviews, document successes, lessons learned and corrective actions for improving the program.
• Provide training and awareness programs for staff to ensure readiness and compliance.
• Regulatory Compliance & Reporting
• Ensure compliance with NCUA, FFIEC, and other applicable regulations.
• Prepare reports and documentation for audits, regulators, and senior leadership.
• Support internal and external audits, regulatory exams and risk assessments related to business continuity.