Cyber Resiliency Lead

Software Guidance & Assistance, Inc., (SGA), is searching for a Cyber Resiliency Lead for a FULL TIME assignment with one of our premier Insurance clients in New York, NY.

Responsibilities:
The Cyber Resiliency Lead role is responsible for developing, implementing, and overseeing cyber resilience strategies that strengthen the organization's ability to withstand and recover from advanced cyber disruptions across core technology layers. This role will be part of the first line cybersecurity team within Information Technology Department. Responsibilities include resilience planning for core technology infrastructure and applications, as well as driving integration of cyber scenarios into disaster recovery (DR), business continuity (BC), and enterprise resilience efforts. The role serves as the critical bridge between cybersecurity, enterprise technology, and enterprise risk management.

• Review and recommend cyber resilience recovery strategies and options and assist with the implementation of recovery solutions.
• Champion cyber resilience objectives in collaboration with infrastructure, enterprise technology, risk, and resiliency teams.
• Act as a thought leader on cyber resilience trends and industry best practices.
• Develop, implement, and maintain Objectives and Key Results (OKRs) and other relevant metrics to measure cyber resilience program effectiveness, maturity, and alignment with organizational goals.
• Assess and enhance recovery readiness for core technology services including (but not limited to) identity and access management (IAM), network, DNS, endpoint detection and response (EDR), and cloud platforms.
• Develop recovery tiering and technical recovery playbooks for cyber incidents (e.g., ransomware, data corruption, destructive attacks).
• Support impact assessments for emerging technologies (e.g., AI, zero trust, hybrid cloud) on cyber resilience.
• Lead decisioning and implementation of clean room and isolated recovery environments for rapid reconstitution.
• Define access, tooling, and procedures for maintaining and validating clean-room readiness.
• Implement (or partner with teams to support implementation) tools and solutions to be used for the recovery environment (e.g., cyber vault, recovery orchestrations, forensics)
• Enhance DR testing procedures to include cyber-disruption scenarios and recovery validation in partnership with enterprise resilience, enterprise technology, and business partners.
• Define minimum viable business and technology service levels for post-incident operation.
• Coordinate and lead cyber-focused tabletop exercises, cyber disruption scenarios, and recovery simulations for critical systems. and playbook validation.
• Coordinate post-mortem reviews and incorporate lessons learned into future planning.
• Partner with Enterprise Resiliency to assess business function-level preparedness
• Coordinate development of annual cyber resilience program objectives and schedules for annual recovery playbook maintenance and update, exercises and independent review and validation.
• Develop and coordinate cyber resilience program artifacts, including reporting, tracking, and monitoring.
• Provide expertise and support to management and recovery functions, as requested, when business disruption occurs.
• Work with critical third-party vendors to ensure that business requirements are addressed.
• Define standards for cyber readiness, recovery point/time objectives (RPO/RTO) under attack conditions, and cyber crisis escalation in partnership with enterprise risk management.
• Participate in governance bodies related to resilience, risk, and incident response.

Required Skills:

• 15+ years in cybersecurity, technology risk, or IT disaster recovery roles
• Deep understanding and experience in cybersecurity operations, incident response, infrastructure resilience, and threat scenarios (e.g., ransomware, destructive malware).
• Experience developing recovery architecture and procedures for hybrid environments (cloud/on-prem).
• Familiarity with frameworks like NIST CSF, ISO 27031, and FFIEC Business Continuity Handbook.
• Strong leadership, collaboration, and communication skills across executive, technical, and operational levels. Prior experience with disaster recovery tools (e.g., Cohesity, Dell Cyber Recovery, AWS/Azure/Google Cloud Platform disaster recovery solutions).
• Excellent communication skills and experience in reporting progress, status and outcomes to management.

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.

#LI-SL1