IT Business Continuity Management Analyst at NCBA Group

Job Purpose Statement

The IT Business Continuity Management Analyst is responsible for ensuring the resilience and availability of IT services by developing, implementing, and maintaining effective Business Continuity (BC) and Disaster Recovery (DR) frameworks. This includes conducting Business Impact Analyses (BIA), risk assessments, and DR testing to ensure timely restoration of services during disruptions. The role aligns IT continuity strategies with business objectives and ensures compliance with ISO 22301, NIST, and financial industry regulations.

Key Accountabilities (Duties and Responsibilities)

IT Disaster Recovery Planning & Execution (40%)

• Develop and maintain DR plans aligned with recovery objectives.
• Implement system classification and tiering based on criticality.
• Define and track RTOs and RPOs to support business priorities.
• Coordinate quarterly DR testing (failover simulations, tabletop exercises).
• Collaborate with IT teams to address resiliency gaps and ensure high availability.
• Maintain and regularly update DR documentation.

Business Continuity & Risk Management (40%)

• Conduct BIAs to identify and prioritize critical systems and dependencies.
• Map IT systems to business functions using structured tiering.
• Assess risks including cyber threats, infrastructure vulnerabilities, and third-party dependencies.
• Perform gap analyses and implement corrective actions.
• Develop KRIs and performance metrics for resilience monitoring.
• Ensure compliance with ISO 22301, NIST 800-34, and CBK guidelines; liaise with Audit, Risk, and Compliance teams.

 IT BCM Awareness, Testing & Compliance (20%)

• Develop awareness programs to educate teams on continuity roles and DR response.
• Ensure third-party vendors meet DR requirements and monitor their resilience.
• Define DR testing methodologies and validate backup integrity and failover capabilities.
• Track and resolve issues from DR tests, audits, and incidents.
• Regularly review and update BCM policies to reflect best practices and emerging threats.
• Provide executive-level reporting on continuity performance and risk posture.

Job Specifications

• Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field.
• Preferred certifications: CBCP, ISO 22301 Lead Implementer, ITIL; additional certifications like CISA, CISM, or CISSP are a plus.
• Minimum 3 years of experience in IT Business Continuity, DR, or IT Risk Management.
• Strong knowledge of IT infrastructure, cloud computing, network resilience, and enterprise applications.
• Hands-on experience with BIA, risk assessments, continuity planning, and DR testing.
• Familiarity with financial services regulations.

Technical Competencies

• Proficiency in BCP, DRP, ISO 22301, NIST 800-34, and ITIL frameworks.
• Skilled in system classification, risk assessments, and impact analysis.
• Experience with backup, replication, failover, and DR strategies.
• Knowledge of cloud DR, hybrid infrastructure, and cybersecurity recovery.
• Strong understanding of IT governance and compliance.

Behavioral Competencies

• Analytical and problem-solving skills to address IT resilience gaps.
• Strong communication and stakeholder engagement abilities.
• Proactive mindset focused on continuous improvement.
• Integrity and ethical leadership in managing IT risk and compliance.