Security Risk & Resilience Analyst

Join a great place to work with MissionSquare Retirement, a FINANCIAL SERVICES LEADER in public sector employee retirement products and services.

Headquartered in Washington, DC, MissionSquare Retirement was founded to provide portable retirement benefits for city and county managers, enabling accumulated retirement assets to be transferred between employers.

Today, MissionSquare Retirement serves more than 1.5 million participant accounts, and more than 9,000 retirement plans across the country.

We have an extraordinary talent base and invite you to consider joining MissionSquare Retirement's Technology team.

The Security Risk & Resilience Analyst will work with the Director, Cyber Security Risk, to serve on a risk team responsible for reviewing and documenting where security and technology controls are adequate, as well as areas requiring improvement.

As a joint role, The Security and Resilience Analyst will also work to evaluate the existing business continuity and disaster recovery strategy to identify any weaknesses or shortcomings in the company’s Disaster Recovery strategies to make recommendations to improve and strengthen the controls.

Essential Functions for this role include:


* Assist with administration of disaster recovery (DR) plans for all divisions/departments to ensure that they are updated as appropriate and meet the mandatory requirements utilizing the Business Continuity Planning system used across the company to build and maintain the corporation's business continuity plans in a uniform format.


* Assist in coordination of corporate DR exercise and conduct the yearly DR desktop simulation exercise with the Incident Management Team.


* Assist with the ongoing review of new projects, ensuring resiliency is included in design, development, and execution phases.


* Draft/update DR policies and procedures as necessary in conjunction with Sr.

Manager, Business Continuity


* Participate in reviews by Internal Audit, external audits and Compliance and assurance that any comments are addressed in a timely fashion.


* Assist with documentation of technical disaster recovery infrastructures, strategies, and standards.


* Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.

Recommend risk reduction steps to be implemented and maintained through policies, procedures, frameworks, and technical controls.


* Identify strengths and weaknesses in the security program as they relate to privacy, security, business resiliency, and compliance frameworks.

In tandem with security leadership, the analyst consistently assesses and validates the assurance of the security program.


* Maintain strong oversight of third parties, vendors, and business partners to safeguard against undue risk presented by external entities.

Escalate to security management and business unit leads when points of weakness are discovere...