Senior Operational Risk Analyst (Tech Resilience)

Overview

Assist in strengthening the organization's ability to withstand and recover from technology disruptions that impact critical business services. Operating within the Business Continuity and Business Resiliency program, this role bridges business impact expectations with real-world technology recovery capabilities.

Provide independent second-line oversight and challenge of technology resiliency capabilities, including recovery strategies, testing outcomes, and dependency management, to ensure alignment with business resiliency expectations.

Responsibilities

• Support the development, maintenance, and continuous improvement of the Technology
  
  Resiliency framework within the broader Business Continuity and Business Resiliency program.
• Provide independent second-line oversight and challenge of technology resiliency practices, including IT disaster recovery plans, technology continuity strategies, and recovery testing activities executed by first-line teams.
• Identify and assess technology resiliency risks, including operational, design, and process deficiencies, and determine improvement opportunities aligned to business and regulatory expectations.
• Translate enterprise resiliency principles into clear, risk-based guidance to promote consistent application across technology teams while allowing flexibility based on system criticality and architecture.
• Assess alignment between business-defined recovery expectations and technology capabilities by reviewing critical services and their supporting applications, infrastructure, data, and third-party dependencies.
• Review and challenge technology recovery and resilience strategies, including disaster recovery, high availability, backup, and failover solutions, to identify single points of failure, concentration risks, and architectural weaknesses that could impact service availability, continuity, or recoverability.
• Provide risk-based recommendations that balance resiliency outcomes with cost, complexity, and operational feasibility.
• Review, challenge, and validate the results of technology recovery testing and resilience exercises, and escalate material gaps where recovery capabilities do not meet business needs.
• As part of Third Party Risk Management, perform assessments of third-party services, evaluating vendor recovery strategies, testing evidence, dependency transparency, and alignment to enterprise resiliency requirements.
• Provide leadership with clear, risk-based insights into the organization's overall technology resiliency posture, including emerging risks, trends, and areas requiring escalation or remediation.
• Assist in drafting and maintaining Technology Resiliency governance directives, and partner with senior leaders to socialize, vet, publish, and monitor adherence across the organization.

Qualifications

Required Qualifications

• Bachelor's degree in Information Technology, Risk Management, Business, or equivalent combination of training, education and experience.
• Experience in highly regulated industries (finance, healthcare, critical infrastructure) or large distributed enterprise environments.
• Experience in technology, IT operations, architecture, business continuity, disaster recovery or technology risk
• Strong understanding of application, infrastructure, and data architectures and dependencies, and how they support service resilience and recovery during disruptions
• Experience assessing third - party business continuity and disaster recovery capabilities
• Knowledge of risk and resilience frameworks: FFIEC, ISO 22301, NIST SP 800-34, ISO 27001
• Ability to translate technical concepts into business impact and risk language
• Advanced organizational, planning, and time management skills

Desired Qualifications

• Master's Degree in a related field or an equivalent combination of training, education, and experience that provided exposure to or management of ORM-related risk domains.
• Experience with cloud platforms (AWS, Azure, Google Cloud Platform) and related resiliency tooling (replication, multi-region architectures, backup automation.
• Relevant field certifications such as MBCP, CBCP, CCRP, CRISC, CISM, SRE, Certified Solutions Architect (AWS, Azure), etc.
• Experience in Financial Services, First, Second, and/or Third Line Risk Management

Hours: Monday - Friday, 8:00AM - 4:30PM
Location: 820 Follin Lane, Vienna, VA 22180 | 5510 Heritage Oaks Drive, Pensacola, FL 32526

About Us
Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks.

Our approach to careers is simple yet powerful: Make our mission your passion.

Fortune 100 Best Companies to Work For 2025

Yello and WayUp Top 100 Internship Programs

Computerworld Best Places to Work in IT

Newsweek Most Loved Workplaces

2025 PEOPLE Companies That Care

Newsweek Most Trustworthy Companies in America

Military Times 2025 Best for Vets Employers

Best Companies for Latinos to Work for 2025

Forbes 2025 America's Best Large Employers

Forbes 2025 America's Best Employers for New Grads

Forbes 2025 America's Best Employers for Tech Workers

2025 RippleMatch Campus Forward Award Winner for Overall Excellence

Military.com Top Military Spouse Employers 2025

2025 Handshake Early Talent Award

From Fortune . 2025 Fortune Media IP Limited. All rights reserved. Used under license. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to age, race, sex, color, religion, national origin, disability, veteran status, pregnancy, sexual orientation, genetic information, gender identity or any other basis protected by applicable law.

Accommodations: If you need accommodation or assistance for a qualifying condition to complete the online application (or during any stage of the hiring process), you can contact Navy Federal's Medical Accommodations team at or by calling 1-. This team cannot provide any information on job postings or application status.

Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team's discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position. For additional details regarding compensation and benefits, review the Benefits page of the Navy Federal Career Site.

Protect Yourself from Job Scams: Navy Federal Credit Union jobs are posted on our career site, jobs.navyfederal.org and reputable job boards (e.g., LinkedIn, Indeed). We do not post jobs on social media marketplaces, messaging apps or unverified websites. We will never ask candidates for payment, bank details or personal financial information during the hiring process.

Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.