Director/Business Continuity & Disaster Recovery

About The Position

Requirements

• Bachelor’s degree in Information Technology, Business Administration, or related field.
• 7+ years of experience in business continuity, disaster recovery, or crisis management , including demonstrated leadership of enterprise BCDR or risk management programs.
• Deep understanding of IT disaster recovery principles (backup/restore, redundancy, high availability) and enterprise IT infrastructure.
• Experience defining and achieving RTO/RPO targets for key systems.
• Working knowledge of relevant regulatory frameworks and industry standards for BCDR, such as NY DFS cybersecurity regulations and ISO 22301 (Business Continuity Management).
• Experience ensuring that continuity and recovery plans meet compliance requirements and passing audits or examinations related to operational resilience.
• Excellent leadership, communication, and cross-functional collaboration skills.
• Proven ability to lead under pressure, coordinate across departments (IT, Security, Operations, etc.), and communicate complex plans clearly to both technical teams and executive stakeholders.
• Strong project management and problem-solving capabilities to drive strategic BCDR initiatives.

Nice To Haves

• Professional certifications in business continuity, security, or project management are highly valued, examples include; Certified Business Continuity Professional (CBCP), Certified Information Systems Security Professional (CISSP), and Project Management Professional (PMP). (Other relevant credentials such as MBCP, CISM, CRISC, or ITIL are a plus.)
• A Master’s degree in a related field or experience in a highly regulated industry (e.g., financial services or insurance) is a plus, indicating familiarity with stringent compliance requirements and complex IT environments.

Responsibilities

• Business Continuity & IT Disaster Recovery (DR) Planning: Develop, implement, and regularly update Business Continuity Plans (BCPs) and IT DR plans for all critical business functions and systems.
• Business Impact Analysis: Conduct Business Impact Analyses (BIA) to identify critical processes, applications, and third-party dependencies. Use BIA findings to prioritize recovery strategies and resource allocation based on the potential operational and financial impact of disruptions. Ensure continuity plans address regulatory expectations for maintaining operations during outages.
• Risk & Cybersecurity Coordination: Collaborate with Risk Management and Cybersecurity teams to integrate BCDR efforts with broader risk assessments and cybersecurity incident response plans. Align BCDR controls with enterprise risk mitigation strategies and cyber defense measures (e.g., robust identity management with MFA , secure backups) to provide a unified resilience approach.
• Disaster Recovery (DR) Testing: Work with key business and IT stakeholders to define and test Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) for key systems and conduct periodic DR drills to ensure rapid restoration of essential services within target recovery times.
• Team & Vendor Oversight: Provide leadership to any assigned BCDR staff and manage relationships with external partners (such as disaster recovery service providers, data backup vendors, MSSPs, and facility providers). Ensure these teams and vendors meet the organization’s continuity and recovery service level agreements (SLAs) and that their capabilities align with overall BCDR objectives.
• Strategic Planning & Continuous Improvement: Champion a culture of preparedness through regular training and BCDR exercises. Analyze results from drills and actual incidents to continuously refine BCDR strategies, update plans, and improve response procedures. Communicate program status and major updates to senior IT leadership, ensuring ongoing alignment with business priorities and compliance obligations.

Benefits

• A comprehensive benefits package that includes PTO, medical, dental, vision, retirement savings, disability insurance, and life insurance.