Senior Business Continuity and Disaster Recovery Associate

Responsibilities Business Continuity and Disaster Recovery

• Lead the development, implementation, and continuous improvement of the enterprise BC/DR program.
• Conduct Business Impact Analyses (BIA), Risk Assessments (RA), and Continuity of Operations Planning (COOP).
• Liaise with key stakeholders to ensure ongoing Recovery Time Objective (RTO) and Recovery Point Objective (RPO) alignment with business impact and system criticality.
• Facilitate Disaster Recovery Planning (DRP), testing, and exercises to validate recovery capabilities.
• Define strategies to ensure resilience with critical SaaS dependencies.
• Educate stakeholders on BC/DR procedures and ensure organizational readiness for crisis scenarios.
• Facilitate interconnectivity between incident response and BC/DR plans and testing activities to ensure that cybersecurity scenarios are adequately contemplated.

• Enhance and maintain the Information Security Policy Framework, ensuring alignment with regulatory requirements and industry standards (e.g., NIST CSF, ISO 27001, NIS2, DORA, CIS, etc.).
• Collaborate with stakeholders to ensure policies are understood, adopted, and enforced across the organization.

• Ensure adoption and operationalization of a control framework aimed at maintaining compliance with key frameworks and regulatory requirements.
• Perform security compliance framework assessments and control narrative creation.
• Conduct control testing, identify deficiencies, and drive remediation efforts.

• Maintain the enterprise Information Security Risk Register and perform periodic and ad hoc risk assessments.
• Support risk treatment planning and ensure alignment with the organization’s risk appetite.
• Perform third‑party risk assessments and ongoing oversight activities.

• Promote a security‑first mindset across the organization.
• Contribute to the development and delivery of security awareness programs.

• Bachelor’s degree or equivalent experience; relevant certifications preferred (e.g., CBCP, MBCP, MBCI, FBCI).
• 3‑6+ years’ experience in cybersecurity, GRC, and/or BC/DR roles, ideally within financial services.
• Strong analytical and critical thinking skills and the ability to organize work in a logical, thorough, and succinct manner.
• Highly self‑motivated, results‑oriented, and self‑directed to handle multiple ongoing tasks.
• Flexibility to adapt to changing assignments and ability to effectively prioritize.
• Effective written and verbal English communication at all levels.
• Demonstrated ability to operate and innovate in a small team with a fast‑paced environment, balancing both strategic and tactical needs.

This position is exempt and is paid according to the laws of the State of Illinois. The pay range for this position is $125,000 – $160,000 USD per year.

This position requires the physical capabilities to work in an office environment, which may include prolonged periods of sitting at a desk and working on a computer. Corient seeks to make reasonable accommodations that enable individuals with disabilities to perform essential duties when possible. This position may require the ability to lift up to 15 pounds. The position is required to work onsite 4 days per week.

Must be 18 years of age or older. Must have unrestricted work authorization to work in the United States. For U.S. employment opportunities, Corient hires U.S. citizens or permanent residents.

• 401(k) Plan with Employer Matching
• Four Medical Plan options that is generously subsidized by Corient
• Employer‑paid Dental, Vision & Life and AD&D Insurance
• Employer‑paid Short‑term & Long‑term Disability
• Paid Maternity & Parental Leave
• Flexible Spending Accounts & Health Savings Accounts
• Dependent Care FSA
• Commuter & Transit FSA
• Corporate Discount Program – Perkspot
• Training Reimbursement
• Paid Professional Designations
• Giving back to the community – Volunteer days

We are an equal opportunity employer. All candidates will be recruited and, if applicable, selected and employed without regard to sex, race, religion, marital status, veteran status, age, national origin, sexual orientation, gender identity, color, creed, ancestry, disability, genetic information or any other basis prohibited by law.

This position description is intended to provide a general overview of the expectations and responsibilities of this position and may not include all tasks that may be assigned. As the nature of business demands change, so may the functions of this position. Additional duties and responsibilities may be assigned with or without notice.