Director, Business Operations
Listed on 2026-07-01
-
IT/Tech
Business Continuity
About CIM Group
CIM is a community-focused real estate and infrastructure owner, operator, lender, and developer. Our team of experts works together to identify and create value in real assets, benefiting the communities in which we invest. Back in 1994, our three founders focused on projects in Southern California neighborhoods. Today, we are a diverse team of 900+ employees with projects across the Americas.
Our projects have delivered jobs; created comfortable places to live, work, and relax; and provided necessary and sustainable infrastructure. Our focus on enhancing communities is unwavering, and we strive to make an even greater impact in the years to come. Join us and make an impact today!
The Director of Business Operations holds primary responsibility for managing and executing the firm’s operational resilience framework, with full accountability for third-party risk management, incident response planning, business continuity and business operational reporting. This role requires both strategic oversight and hands‑on execution. The director will also support key firmwide initiatives and special projects.
The Director, Business Operations establishes firmwide standards, ensuring controls are robust, thoroughly documented, effective, and appropriately tailored to the organization’s needs. The position involves ongoing program enhancement by identifying and mitigating emerging threats in advance. Additionally, this role directly implements these standards, including incident triage and crisis response, as necessary.
Please note:
Considering incidents may occur outside of core working hours, occasional work during weekends and/or holidays may be required.
- Take full ownership of the firm’s Third-Party Risk Management (TPRM) program, leading both strategy and hands‑on execution. Oversee vendor supervision using a risk-based approach, ensuring seamless management throughout the vendor lifecycle— including due diligence, onboarding, ongoing monitoring, remediation, and offboarding.
- Ensure all vendor risk activities comply with internal policies, regulatory requirements (SEC, FINRA), and investor standards.
- Regularly update and maintain TPRM policies, standards and procedures, delivering clear documentation and continuous improvements.
- Lead the execution and ongoing enhancement of the firm’s Incident Response Plan. Collaborate closely with legal, compliance, technology and additional internal stakeholders to maintain and update protocols.
- Serve as the primary point of contact for all incident types, coordinating rapid triage, containment, and resolution across teams. Guide the Incident Response Team, including after‑hours support, as needed.
- Track, report, and document incidents; conduct thorough reviews and remediation planning post‑incident. Perform analytics and root‑cause analysis to proactively reduce future risk and continually evolve the program to meet emerging threats and business needs.
- Own and drive the Business Continuity Planning program, from policy development and governance to hands‑on execution of annual tests and disaster response. Lead BCP committees and engage stakeholders to ensure the program evolves with changing business and regulatory requirements.
- Conduct regular business impact assessments to define suitable recovery goals. Integrate high-risk service providers into BCP testing, maintain comprehensive documentation of outcomes, and deliver remediation where needed.
- Execute BCP plans during disasters, providing after‑hours leadership to restore operations promptly and in accordance with established recovery strategies.
- Continuously review and refine workflows to optimize efficiency. Identify and implement improvement opportunities across operational risk controls.
- Deliver high-quality, insightful reporting—including dashboards, KPI tracking, incident summaries, and vendor risk metrics—to senior leadership and committees.
- Maintain client-ready documentation of operational risk controls; collaborate with the RFP team to address due…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).