Technology Risk & Continuity Analyst

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, Business Continuity, or a related field (or equivalent experience)
• 2–5 years of experience in cybersecurity, business continuity, disaster recovery, operational risk, or IT risk management
• Interest in business continuity and operational resilience practices (BIAs, recovery strategies, dependency mapping, exercises, and issue remediation)
• Familiarity with resilience or GRC platforms (e.g., Riskonnect or similar tools)
• Ability to master learning management systems and security awareness training programs (e.g., Learning Pool)
• Understanding of incident management frameworks and IT service management tools (e.g., ServiceNow)
• Knowledge of client and third-party due diligence processes
• Familiarity with threat intelligence sources and relevant frameworks/standards (e.g., NIST, ISO 22301, ITIL) is a plus
• Strong written and verbal communication skills, with the ability to clearly document plans, exercises, and incidents
• Excellent organizational skills and attention to detail, with the ability to manage multiple concurrent workstreams
• Ability to collaborate across technology, risk, compliance, and business teams
• Comfort facilitating discussions (e.g., tabletop exercises, walkthroughs), capturing outcomes, and driving follow-through
• Continuous improvement mindset with the ability to learn, document, measure, and iterate

Nice To Haves

• ABCP, CBCP, Security+, or similar certifications are a plus

Responsibilities

• Work with all areas of the firm to map critical service dependencies and document recovery strategies through the BIA process, gathering recovery requirements, and identifying single points of failure
• Support maintenance of Business Continuity and Incident Response Plans through regular reviews and exercises, with a focus on continuous improvement
• Maintain program documentation including incident and exercise reporting, program metrics and reports for a variety of stakeholders
• Develop and maintain BCP standards and templates.
• Participate in Business Continuity and risk forums
• Identify emerging risks (e.g., regulatory changes, natural and man-made risk) and perform risk assessments.
• Administer and maintain the Riskonnect Resilience platform including monitoring platform updates, attending vendor training, and managing the vendor relationship
• Monitor IT incidents and document significant events
• Prepare incident summaries for internal tracking and reporting
• Coordinate security awareness programs via Learning Pool, including onboarding, annual training, and phishing simulations
• Support internal and external audits by collecting evidence, documenting control activities, and maintaining audit artifacts
• Assist with annual program reviews and audit readiness activities
• Respond to client due diligence requests and RFPs, leveraging knowledge bases and SMEs as needed
• Participate in vendor risk assessments, onboarding reviews, and ongoing monitoring of critical vendors

Benefits

• medical insurance
• dental insurance
• life insurance
• long-term disability coverage
• a 401(k)/profit-sharing retirement plan
• open paid time off
• leaves of absences
• dependent care resources
• tuition reimbursement
• charitable gifts matching
• flexible spending accounts
• commuter benefits
• discretionary annual bonus award