Cyber Resiliency and Recovery Expert

Allstate•McCullom Lake, IL

6d•Remote

About The Position

The Cyber Resiliency and Recovery Expert plays a hands-on assurance role in ensuring the organisation can withstand and rapidly recover from major cyber incidents - especially ransomware events. Working in the 2nd line of defence, this role conducts structured, evidence-based assessments of recovery capabilities and applies an independent lens to evaluate and measure recovery readiness, objectively assess gaps and provide recommendations for leadership action. Acting as a trusted partner across Technology, Security, Operations, and Risk, the specialist provides expert insight into the soundness of recovery designs, operational readiness, and the effectiveness of recovery strategies. This role suits someone with a strong foundation in technology infrastructure or cyber security who is looking to move into - or deepen their experience in independent assurance and recovery validation.

Requirements

Minimum 5 years’ hands on experience in cyber resiliency, disaster recovery engineering, infrastructure recovery, backup/restore validation or technology risk management.
Solid working knowledge of enterprise infrastructure recovery - AD, DNS, PKI, PAM, backup and restore processes
Practical experience completing business-critical recovery validation exercises (e.g., VM/database restores, cloud recovery tests, ransomware-style simulations) with evidence of outcomes.
Experience in engaging with senior technical SMEs and asking probing questions

Nice To Haves

Exposure to second-line assurance, internal audit, or technology risk frameworks
Familiarity with offline BCP or crisis communications arrangements
Led or co-led enterprise-level recovery simulations or ransomware scenario tests

Responsibilities

Design and maintain an enterprise-wide Recovery Readiness & Assurance Framework, including measurable validation criteria and success indicators.
Assess recovery runbooks against defined success criteria — identifying gaps, untested assumptions, and sequencing risks
Establish consistent validation and testing processes, driving continuous improvement in cyber recovery readiness.
Conduct detailed analysis of technical recovery architectures, verifying assumptions and dependencies, limitations and operational feasibility.
Independently validate recovery capabilities, including completeness of backups, , restoration feasibility, interconnection testing and data reconciliation approaches.
Identify hidden dependencies, potential failure points, and resilience gaps across systems, processes, and teams.
Plan and execute structured recovery simulations and scenario-based validation exercises (e.g., ransomware, data corruption).
Validate restoration sequencing, decision points, and end-to-end execution workflows to ensure operational readiness.
Document validation evidence, outcomes, and readiness assessments, ensuring clarity and traceability for stakeholders.
Translate findings into actionable remediation recommendations, driving improvements across technology and operations.
Serve as a trusted advisor to Technology, Security, and Risk partners, providing expert guidance on cyber resiliency and recovery best practices.