Senior Cyber Recovery Engineer


Apolis
Dice Job Match Score™
🔗 Matching skills to job...
Job Details
Skills
- CYBER
- RECOVERY
- CLEAN ROOM
- ISOLATED RECOVERY ENVIRONMENT
- IRE
Summary
Location: Chicago, IL (Hybrid)
Looking for hands on technical cyber recovery experience (airgap, clean room/forensics, and/or IRE)
Need two professional references at the time of submission.
Project Overview:
The Senior Cyber Recovery Engineer is a hands-on technical leader responsible for designing, implementing, and continuously validating the organization’s ability to recover critical systems and data in the wake of a cyber event. This role sits at the intersection of infrastructure engineering, cybersecurity, and regulatory compliance within a highly regulated financial services environment.
The successful candidate has direct experience operating within financial institution recovery programs, engaging with banking regulators (OCC, FDIC, Client, or equivalent), and executing recovery exercises within isolated recovery environments (IRE) and clean room configurations. This is not a theoretical role — we need someone who has run the drills, written the runbooks, and tested the assumptions.
Required Qualifications (Must Have):
- 10+ years of infrastructure, platform, or resilience engineering experience, with at least 4 years in a financial institution (bank, broker-dealer, asset manager, or equivalent regulated entity).
- Demonstrated hands-on experience implementing and testing cyber recovery in an Isolated Recovery Environment (IRE) or clean room — not just DR/BC planning.
- Direct experience engaging with financial regulators (OCC, FDIC, Client, NYDFS, SEC, or Client) in the context of technology examinations or regulatory responses.
- Proficiency with enterprise backup and replication platforms: Cohesity, Rubrik, Zerto, Veeam, Commvault, or NetBackup.
- Working knowledge of IaC tooling (Terraform, Ansible) and scripting (Python, Bash, PowerShell) for recovery automation.
- Strong understanding of network segmentation, identity isolation, and zero-trust concepts as applied to clean room environments.
- Familiarity with ransomware TTPs, destructive malware incident response, and forensic triage in a recovery context.
- Experience with FFIEC guidance, NIST CSF, and/or DORA requirements as they pertain to operational resilience and recovery.
Preferred Qualifications (Nice to Have):
- Experience in a GSIB, SIFI, or Category I–III bank with heightened regulatory scrutiny.
- Certifications: CISSP, CISA, AWS/Azure Disaster Recovery specialty, or vendor-specific backup platform certifications.
- Exposure to DORA (Digital Operational Resilience Act) implementation for EU-facing operations.Familiarity with SWIFT, FedWire, or CHIPS recovery considerations for payment system continuity.
- Experience with cyber recovery in hybrid cloud environments (AWS, Azure, or Google Cloud Platform) including cloud-based IRE architectures.
- Background in incident response or cyber threat intelligence with a recovery engineering lens.
- Isolated & Clean Room Recovery
- Design, build, and maintain the Isolated Recovery Environment (IRE) and clean room infrastructure used for cyber recovery exercises and declared events.
- Execute end-to-end recovery testing cycles, validating RTOs and RPOs for Tier-1 and Tier-2 critical applications.
- Develop and maintain recovery runbooks, playbooks, and automation scripts for clean room restoration of core banking systems, trading platforms, and data stores.
- Lead technical forensic validation procedures within the IRE to confirm system integrity prior to production re-entry.
Regulatory Engagement & Audit Readines - Serve as a subject matter expert during regulatory examinations, audits, and inquiry responses related to cyber recovery posture (e.g., OCC, FDIC, FFIEC, Client, NYDFS).
- Translate regulatory guidance (FFIEC Cybersecurity Assessment Tool, NIST CSF, SR 20-24, DORA where applicable) into actionable recovery engineering requirements.
- Prepare evidence packages, technical narratives, and examination artifacts that demonstrate recovery capability maturity.
- Maintain continuous documentation of control effectiveness, test results, and remediation tracking aligned to regulatory expectations.
Recovery Architecture & Engineering - Architect and operate air-gapped or logically isolated backup and replication pipelines using immutable storage technologies (e.g., Zerto, Cohesity, Rubrik, NetBackup, Veeam).
- Engineer network segmentation and identity isolation controls within the IRE to prevent lateral movement and re-infection risk during recovery.
- Integrate recovery automation into CI/CD and IaC pipelines using Terraform, Ansible, and scripting (Python/Bash) to ensure reproducible, auditable recovery environments.
- Collaborate with application owners, DBAs, and platform teams to validate application-layer recovery sequencing and dependencies.
- Own the cyber recovery exercise calendar; design tabletop, simulation, and full-failover scenarios including ransomware, destructive malware, and supply chain compromise.
- Lead post-exercise after action reviews (AARs); track findings to closure and drive measurable improvement in recovery capability.
- Benchmark recovery metrics (RTO, RPO, MTTR) against industry peers and regulatory expectations; report program health to CISO and executive leadership.
- Mentor junior engineers on recovery engineering practices, clean room protocols, and regulatory documentation standards.
- Dice Id: 10106862
- Position Id: 26-03236
- Posted 1 day ago
Company Info
About Apolis
Founded 1996, RJT Compuquest, Inc. is an ERP and IT consulting services provider focused on providing innovative and successful business solutions. We are capable of working across all technology platforms, operating systems and infrastructures. RJT has experience in performing implementations, technical and functional upgrades, optimization projects, and full service staffing.
RJT consultants have real world experience across a broad spectrum of industries and can apply that knowledge to best face your business needs. Our recruiting process selects only the most highly qualified individuals for your project. If we cannot find the best consultant for your project, then we have a large pool of third-party consultants that we recruit from to ensure your business needs are met.
Our consultants have up to twenty years of business experience and an average of more than six years of IT and ERP experience. This means that the project team not only understands how systems work, they also understand how the technology impacts the business processes of organizations. We believe that the success of an engagement is determined by strong project management, as well as clear communication and mutual commitment working collaboratively. Our methodology begins with listening to the customer about their needs, then working with their team to gain a clear understanding of the requirements, while providing a knowledge transfer of best practices for the organization. The RJT team is committed to this goal.
When you leverage our exceptional recruiting and management capabilities and unparalleled client service skills, you take the most important step toward accomplishing your business goals. As a trusted advisor to companies of all sizes, we make it our business to become a specialized, physical extension of your team. We listen to your goals, assess your needs, and then take the steps necessary to achieve your objectives. Built on long-term, trusted client and employee relationships, RJT strives to consistently and efficiently plan, execute and deliver high quality services and results.


Similar Jobs
It looks like there aren't any Similar Jobs for this job yet.
Search all similar jobs