Cyber Recovery Engineer

We are actively hiring for a Senior Cyber Recovery Engineer role with a leading financial services client in Chicago, IL for a 13+ month hybrid engagement. We are specifically seeking candidates with strong hands-on cyber recovery experience, including clean room and Isolated Recovery Environment (IRE) implementations within highly regulated financial institutions.

Summary:

The ideal candidate will bring 10+ years of experience across infrastructure engineering, platform engineering, resilience engineering, or cybersecurity, along with at least 4 years supporting banking, broker-dealer, asset management, or similarly regulated financial environments. Strong expertise in designing, building, and validating Isolated Recovery Environments (IRE) and executing end-to-end cyber recovery exercises is essential.

Candidates should have direct exposure to regulatory frameworks and examinations involving OCC, FDIC, Federal Reserve, NYDFS, SEC, FINRA, FFIEC, NIST CSF, DORA, and operational resilience standards. Experience with backup and recovery platforms such as Cohesity, Rubrik, Zerto, Veeam, Commvault, or NetBackup is highly preferred.

The role requires hands-on engineering capabilities across ransomware recovery, forensic validation, zero-trust security, network segmentation, immutable backups, and air-gapped recovery architectures. Strong automation and Infrastructure-as-Code experience using Terraform, Ansible, Python, Bash, or PowerShell is expected, along with familiarity supporting hybrid cloud recovery environments across AWS, Azure, or Google Cloud Platform.

This position is a highly technical, execution-focused role rather than a theoretical or governance-only position. The selected consultant should have real-world experience running recovery drills, building recovery runbooks, validating RTO/RPO objectives, performing forensic integrity checks within clean room environments, and leading recovery exercises for critical enterprise systems.

Role:

The Senior Cyber Recovery Engineer will serve as a key technical leader responsible for designing, implementing, testing, and continuously improving the organization’s cyber recovery posture. The role sits at the intersection of cybersecurity, infrastructure engineering, operational resilience, and regulatory compliance within a large-scale financial services environment.

Primary responsibilities include designing and maintaining isolated recovery environments and clean room infrastructure, executing cyber recovery testing cycles for Tier-1 and Tier-2 applications, developing recovery playbooks and automation frameworks, and ensuring recovery readiness during cyber incidents and declared events.

The engineer will also support regulatory examinations and audit readiness activities by preparing technical evidence packages, translating regulatory guidance into actionable engineering controls, documenting remediation activities, and demonstrating recovery capability maturity to auditors and regulators.

Responsibilities:
Additional responsibilities include architecting immutable backup and replication solutions, implementing network segmentation and identity isolation controls, integrating recovery automation into CI/CD and IaC pipelines, coordinating application recovery sequencing with infrastructure and database teams, and leading tabletop exercises, ransomware simulations, and full failover recovery scenarios.
The role will also drive continuous improvement initiatives through after-action reviews, recovery metric benchmarking, operational reporting to executive leadership, and mentoring junior engineers on cyber recovery engineering best practices and clean room operational standards.
Preferred certifications include CISSP, CISA, AWS/Azure Disaster Recovery Specializations, or equivalent cyber resilience and recovery-focused credentials.