SRC_Cyber Resilience_Senior Associate

Overview 

The Cyber Resilience Senior Associate will be responsible for developing and implementing cyber resilience strategies and programs, ensuring the resilience and continuity of IT systems. The ideal candidate should have a strong understanding of cyber resilience practices and standards, possess excellent communication and organizational skills, and be able to work independently as well as part of a team. 

Key Responsibilities 

• Create and enforce comprehensive business continuity and cyber resilience strategies to ensure clients' operations can withstand and quickly recover from disruptions. 

• Conduct thorough risk assessments and develop risk treatment plans to identify and manage vulnerabilities and potential threats to business operations and cyber resilience. 

• Provide expert advice to clients on business continuity and cyber resilience, including policy development, risk assessments, and compliance strategies. 

• Design and document IT Disaster Recovery (ITDR) policies and procedures, including Application Sensitivity Assessments (ASA) and Failure Mode and Effects Analysis (FMEA). 

• Develop and implement Business Continuity and Disaster Recovery (BCDR) plans, Information Security Management Systems (ISMS), and enterprise risk management frameworks. 

• Develop and execute incident response plans, ensuring rapid and effective recovery from cyber incidents and other disruptions. 

• Develop and execute disaster recovery plans and runbooks and facilitate tabletop simulation exercises focusing on natural disasters and cyber threats. 

• Manage all phases of disaster recovery testing initiatives, including planning, coordination, execution, and post-drill activities. 

• Implement and oversee compliance monitoring, auditing, and remediation activities to ensure adherence to relevant regulations and best practices. 

• Develop and deliver training programs for clients and internal teams to promote awareness and preparedness for business continuity and cyber resilience. 

• Provide advisory services on the selection and implementation of Business Continuity Management (BCM) tools and the automation of BCMS processes. 

• Contribute to practice enablement and business development activities (development of SOW’s, RFPs in alignment to client’s requirement, etc.) 

• Drive initiatives to develop innovation quotient (publishing whitepapers, help develop business case for an innovative technical idea to seek investments, point of view, etc.) 

Position Requirements  

• In-depth understanding of cyber resilience principles, business continuity, and disaster recovery frameworks. 

• Knowledge of network security/hardening, whitelisting, and cybersecurity best practices. 

• Proficiency in conducting risk assessments and developing IT Disaster Recovery plans and procedures. 

• Good knowledge of cybersecurity principles, theories, and techniques. 

• Knowledge of relevant standards and regulations, including ISO 27001, ISO 22301, NIST SP 800-61, and the Digital Operational Resilience Act (DORA). 

• Experience working with frameworks such as MITRE ATT&CK, NIST, and SANS Incident Response. 

• Understanding of information security management systems (ISMS) and enterprise risk management (ERM) practices. 

• Experience in creating and maintaining Business Continuity Plans (BCPs), Crisis Management Plans (CMPs), and IT Disaster Recovery (ITDR) plans. 

• Demonstrate application of business acumen while leveraging technologies. 

Desired Knowledge 

• Relevant certifications such as ISO 22301, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are highly desirable. 

• Excellent leadership, teamwork, and collaboration skills. 

• Practical experience in conducting business continuity and cyber resiliency testing and simulations. 

• Proficient in security operations, particularly in handling security incidents, cyber threat intelligence, and proactive threat hunting. 

• Hands-on experience with cyber defense security technologies, including SIEM, security detection platforms (IPS/IDS), and EDR/XDR (defense-in-depth). 

• Experience working with cloud platforms such as AWS, Azure, or GCP. 

Years of experience 

Minimum of 3-8 years of experience in business continuity, cyber resilience, or a related field. Experience in a consulting environment is highly desirable. 

Professional and Educational Background  

BE / B Tech / MCA / MS / MBA (Field of Study: Computer and Information Science, Information Cybersecurity, Information Technology, Management Information Systems). 

Additional Information  

• Travel Requirements: Not Applicable 

• Line of Service: Advisory 

• Industry: Consulting 

• Location: Bangalore, Hyderabad, Mumbai, Kolkata, Chennai, Pune