Director, Cyber Resiliency, Business Continuity & Disaster Recovery
Company: Flagstar Bank
Location: Hicksville
Posted on: October 15, 2024
Job Description:
The Director of Cyber Resiliency, Business Continuity, and
Disaster Recovery will lead and oversee the institution's
strategies to ensure the resilience and continuity of business
operations in the event of cyber threats, major system outages, or
disasters. The successful candidate will be responsible for
developing, implementing, and maintaining comprehensive plans that
minimize risks and ensure rapid recovery and continuity of critical
business functions. Additionally, the Director will manage a team
of Business Continuity Planning (BCP) and Disaster Recovery (DR)
staff. This role will work in conjunction with IT senior management
to develop the strategy and direction of the cyber resilience,
business continuity, and disaster recovery program for Information
Technology and the overall bank. They will ensure BCP/DR plans
comply with relevant regulatory requirements and industry standards
and ensure that external service providers meet the bank's recovery
requirements and standards. This director leads a team that ensures
effective risk management and escalation of issues to IT senior
leaders. The director will partner with IT risk and security
teammates as well as IT leaders to test resiliency, business
continuity, and disaster recovery plans, and to execute scenario
testing for ransomware, extortion, facilities failure,
datacenter operations, or business disruption due to natural,
environmental, or manmade threats.
- Develop and implement a strategic roadmap for cyber resiliency,
business continuity, and disaster recovery; lead the creation,
maintenance, and testing of business continuity and disaster
recovery plans; align the institution's cyber resiliency strategy
with overall business objectives and regulatory requirements;
manage and mentor a team of BCP and DR staff, providing guidance,
performance feedback, and professional development opportunities;
assign tasks and projects to team members, ensuring alignment with
departmental goals and priorities; and foster a collaborative and
high-performance team culture.
- Assist with career development and enhancement of the team.
- Responsible for talent management functions including
employment, performance evaluations, staff development/training,
disciplinary actions, succession planning and ensuring all staff
comply with compliance requirements.
- Ensure that recovery plans are up-to-date, effective, and
aligned with business needs; coordinate with IT and business units
to validate and test recovery procedures; partner with the Security
Operations and Incident Response teams to support incident response
efforts; oversee scenario testing for ransomware and extortion
attacks, ensuring preparedness and effective response; develop and
execute simulation exercises to test the effectiveness of incident
response and recovery plans; provide support during actual
incidents, ensuring swift resolution and minimal impact.
- Ensure that data backups are immutable and air-gapped to
protect against cyber threats; develop and maintain strategies for
data restoration in alignment with business requirements and
recovery time objectives (RTO); regularly test backup and recovery
processes to ensure data can be restored in a timely and efficient
manner; plan and execute disaster recovery (DR) testing at both the
datacenter and application levels; conduct regular failover and
fallback testing to ensure systems can be recovered and restored
effectively; document and report on the results of DR tests,
identifying areas for improvement and implementing corrective
actions.
- Stay current with emerging threats, trends, and best practices
in cybersecurity, business continuity, and disaster recovery;
identify opportunities for process improvements and implement
changes to enhance resiliency capabilities; benchmark the
institution's practices against industry standards and peer
organizations; maintain and report operational and board level KRIs
and adjust program accordingly based on thematic trends and
patterns.
- Performs special projects and additional duties and
responsibilities as required.
- Consistently adheres to regulatory and compliance policies and
standards linked to the job as listed and completes required
compliance trainings. Accountable for maintaining compliance with
applicable federal, state and local laws and regulations.
Job Requirements:
- Undergraduate Degree (4 years or equivalent) in Information
Security, Computer Science or related field required.
- Master's Degree preferred.
- CISSP certification preferred.
- 7+ Years of overall IT experience with a minimum of 5+ years in
cyber resiliency, business continuity, and disaster recovery
required.
- Certified Business Continuity Professional (CBCP), or Master
Business Continuity Professional (MBCP) is preferred
- Extensive experience in building and managing comprehensive
cyber resiliency and disaster recovery programs.
- Proven track record in developing, implementing, and testing
business continuity and disaster recovery plans.
- Demonstrated experience in managing regulatory compliance and
ensuring alignment with industry standards (e.g., FFIEC, NIST,
ISO, DRII, and BCI).
- Experience in conducting risk assessments and developing
mitigation strategies.
- Hands-on experience with data protection strategies, including
ensuring data backups are immutable and air-gapped.
- Experience in overseeing scenario testing for ransomware and
extortion attacks.
- Skill in managing relationships with stakeholders, including
senior management, IT teams, and external auditors.
- Excellent verbal and written communication skills to convey
complex resiliency, continuity, and availability risk concepts to
non-technical stakeholders.
- Ability to negotiate and influence stakeholders to implement
necessary risk management measures.
- Experience in fostering collaboration and teamwork across
departments to achieve resiliency and continuity management goals.
- Sound judgment and decision-making skills to make timely and
informed risk management decisions.
- Experience in managing cyber resiliency, business continuity,
and disaster recovery testing projects and initiatives from
inception to completion.
- Skill in developing comprehensive cyber resiliency, business
continuity, and disaster recovery programs aligned with
organizational strategy.
- Continual learning and professional development to stay updated
on emerging IT, cyber and availability risks and industry
trends.
- Ability to recruit, develop, and retain skilled cyber
resiliency, business continuity, and disaster recovery
professionals.
- Ability to innovate and implement new approaches to mitigate
emerging cyber resiliency, business continuity, and disaster
recovery risks.
- Essential travel as required.
- Physical demands (ADA): No unusual physical exertion is
involved.
Keywords: Flagstar Bank, Freeport, Director, Cyber Resiliency, Business Continuity & Disaster Recovery, Executive, Hicksville, New York