Submit Resume

Back Submit

Information Risk Management Analyst II

  • Ontario, Toronto

  • 06/09/2025

  • Contract

  • Active

Job Description:

  • Job Summary
    The Information Risk Management Analyst II is responsible for coordinating and overseeing Business Continuity (BC) and Disaster Recovery (DR) planning and testing. This position plays a key role in ensuring regulatory compliance, managing evolving risk factors, and executing third-party exit and transition strategies. The role is critical in supporting the organization’s operational resilience and is temporarily assigned additional responsibilities during a leadership absence.

    Key Responsibilities
    1. Ensure BC/DR plans comply with internal policies and external regulatory standards.
    2. Review and update continuity plans in response to business and risk changes.
    3. Implement and support global BC/DR processes across business units.
    4. Oversee third-party exit and transition planning; review SOC 2 reports.
    5. Conduct meetings with business and technology stakeholders to assess dependencies, risks, and gaps.
    6. Facilitate simulations and exercises to test DR capabilities and document outcomes.
    7. Align DR strategies with operational objectives, IT capabilities, and compliance requirements.

    Required Qualifications
    1. Bachelor’s degree in Computer Science, Engineering, or a related technical field.
    2. Minimum of 4 years of experience in Business Continuity and Disaster Recovery.
    3. Strong communication skills with the ability to collaborate across all organizational levels.
    4. Demonstrated experience in security or risk management with a solid understanding of DR principles.
    5. Proven track record of effective stakeholder management and cross-functional collaboration.

    Preferred Qualifications (if any)
    1. Familiarity with financial institutions and regulatory frameworks (e.g., FFIEC, FINRA, SOX).
    2. Experience with audit and compliance reporting related to SOC 2 or similar standards.
    3. Background in enterprise IT or cybersecurity operations.

    Certifications (if any)
    1. Certifications such as CBCP (Certified Business Continuity Professional), CISSP, CISA, or CRISC are a plus but not required.


.

.

.