Senior Director, Cyber Resiliency and Business Continuity

About The Position

Requirements

• Bachelor’s Degree (in Computer Science, Information Security, or related field) or equivalent experience.
• Typically requires 13+ years of relative experience and 6+ years of diversified leadership, planning, communication, organization, and people motivation skills (or equivalent experience).
• Extensive experience in cybersecurity, operational resilience, business continuity, risk management, or related domains, with at least 5 years in a senior leadership role.
• Demonstrated experience owning enterprise-wide governance programs in a regulated environment.
• Strong knowledge of BCP, cyber resiliency, and resilience frameworks (e.g., ISO 22301, NIST, operational resilience concepts).
• Exceptional ability to translate complex resiliency concepts into clear, actionable leadership insights.
• Excellent communication and stakeholder management skills.

Nice To Haves

• In-depth understanding of healthcare-specific cybersecurity challenges and regulations.
• Relevant industry certifications (e.g., CISSP, CISM, CRISC).
• Master’s Degree preferred.

Responsibilities

• Own and maintain enterprise BCP and Cyber Resiliency policies, standards, and methodologies in alignment with regulatory expectations and industry frameworks
• Define roles, responsibilities, escalation paths, and governance forums for cyber and operational resilience across the enterprise.
• Establish and mature a consistent enterprise resiliency operating model, clearly delineating Cyber, Business, and IT / DR accountabilities.
• Own the enterprise BIA methodology, including criticality tiers, prioritization criteria, and data quality standards.
• Ensure BIAs are consistently executed by the business with appropriate rigor and alignment to policy.
• Validate business-defined recovery objectives (e.g., RTO, MTD, dependencies) for completeness, consistency, and risk-based justification.
• Provide quality assurance and challenge to ensure BIAs reflect real operating realities and cyber threat considerations.
• Provide program-level oversight of enterprise BCP and cyber resiliency activities, focusing on: Completeness, Consistency, Risk alignment, Maturity progression.
• Develop and deliver executive reporting on resiliency posture, gaps, trends, and remediation status.
• Track findings, gaps, and corrective actions across cyber, business, and IT domains, ensuring accountability and closure.
• Measure and report program maturity against recognized frameworks and internal expectations.
• Coordinate and govern enterprise resiliency exercises, including tabletop simulations and recovery validation activities.
• Ensure testing scenarios incorporate cyber-driven disruption, realistic failure conditions, and cross-functional dependencies.
• Lead post-exercise and post-incident lessons learned processes, driving actionable improvements across policy, plans, and execution.
• Validate that testing outcomes result in concrete remediation and capability uplift.
• Partner with Crisis Management and Incident Response leaders to ensure clear governance and escalation during major cyber disruptions, alignment between cyber incident response, business continuity, and technology recovery.
• Provide oversight assurance that crisis processes, roles, and decision frameworks are defined, tested, and understood.
• Influence senior leaders across Business, IT, Risk, and Legal without direct authority.
• Build strong partnerships while maintaining independent challenge and assurance.
• Lead and develop a high-performing cyber resiliency team, fostering a culture of accountability, rigor, and continuous improvement.
• Provide executive-level visibility and guidance on resiliency risks, posture, and prioritization.

Benefits

• competitive compensation package
• annual bonus
• long-term incentive opportunities