Reports to: Security, Risk and Compliance Manager
Primary Functions: Assist with the data-to-day operation of the Business Continuity Program, monitor and coordinate security regulations, compliance activities, and security and continuity risk.
Duties and Responsibilities:
- Develop a working knowledge of Credit Union functions.
- Maintain policies, procedures and associated plans for disaster recovery administration, business continuity, information management compliance, and associated risk.
- Review recovery procedures for the restoration of mission-critical business processes in the event of a disruptive event.
- Assist with aspects of actual recovery plan efforts, including initial emergency response, recovery procedures, and business resumption processes.
- Assist with business impact analyses maintenance and updates to the company’s critical functions.
- Assist with of disaster avoidance strategies, impact reduction strategies, and department-specific business continuity plans.
- Assist in coordination and support of business continuity/disaster recovery testing exercises and evaluations.
- Develop familiarity with applicable state and federal regulations, industry audit requirements, and mandates affecting Information Management and Business Continuity.
- Develop and coordinate plans to ensure Information Management is compliant with NCUA, state and federal regulations, and other required regulations and coordinate with internal and external stakeholders to ensure compliance is satisfactorily addressed.
- Coordinate and research information related to risk assessments with other departments to identify vulnerable areas within and to the company’s critical systems and data.
- Track and report on aspects of Information Management compliance requirements to leadership.
- Stay abreast of emerging technology trends, methodologies, and practices.
- Assist with maintenance, monitoring, and reporting of hardening and configuration related processes.
- Perform others duties as assigned.
Education: Associates or Bachelor’s degree in Computer Science, Business Continuity, Emergency Management, Information Management, or related field; or the equivalent in education and work experience.
Creditable Experience in Lieu of Education: Equivalent technical training and certifications required. 1-23 years in the financial industry, information compliance areas, or business continuity.
Experience/Skills: Technical knowledge of current systems software, hardware, protocols, and standards, business analysis, business IT, risk management or compliance and regulation experience a plus. Strong human relations skills to interface with staff at all levels within the organization and to deal with vendors. Good oral and written communication skills. Familiarity with basic Microsoft products. Good organizational skills. Demonstrated ability to successfully manage time-sensitive activities.
Tenure: Assignment to the Security Risk and Compliance Analyst I category 10, Security Risk and Compliance Analyst II category 09, Security Risk and Compliance Analyst III category 08, or Senior Security Risk and Compliance Analyst category 07 will be determined by the candidate’s education or experience. Advancement requires management recommendation and will be based on the candidate’s certifications and/or performance.