Role: Senior Enterprise Resilience Risk Analyst (Business Continuity Analyst)
Location: San Jose, CA (Hybrid)
Duration: Contract
What you'll do
- Perform business continuity and disaster recovery risk assessments for critical vendors.
- Validate vendor resilience practices to ensure alignment with client’s enterprise resilience standards.
- Publish comprehensive assessment reports, summarizing resilience gaps, risks, and actionable recommendations.
- Provide insights to leadership on emerging risks and resilience trends across the vendor ecosystem.
- Support TPRM and Critical Vendor programs, ensuring compliance with resilience governance frameworks and risk management policies.
- Ensure vendor contracts include resilience and continuity requirements.
- Partner with Procurement, Legal, Security, and Business Units to address vendor resilience risks and implement mitigation strategies.
- Lead resilience testing exercises with third parties to validate recovery capabilities.
- Identify and drive process improvements within vendor resilience and risk management workflows.
- Align third-party resilience practices with enterprise resilience frameworks (ISO 22316, NIST, FFIEC, etc.).
- Maintain accurate documentation of resilience assessments, reviews, and program activities for audit and reporting purposes.
What you need to succeed
- 5+ years of experience in business continuity, vendor risk management, or third-party security assessments.
- Strong knowledge of resilience and risk frameworks (ISO 22301, ISO 22316, NIST, SOC 2) and enterprise resilience principles.
- Proven experience conducting resilience assessments and preparing detailed reports for executive and technical audiences.
- Proficiency in tools and platforms such as Microsoft Office Suite, ServiceNow, and risk management systems.
- Excellent communication and analytical skills, with the ability to translate resilience findings into actionable recommendations.
- Collaborative mindset, capable of working across multiple teams and managing competing priorities.
- Qualifications: Background in Enterprise Resilience, Risk Management, Business Continuity, Disaster Recovery, or Information Security; certifications such as CBCP, CBCI.