Senior Business Continuity & Disaster Recovery Analyst at DigiCert, Inc.

Job summary

• The Senior BC/DR Analyst is responsible for coordinating, maintaining, and continuously improving DigiCert’s enterprise Business Continuity, Disaster Recovery, and Resiliency program.
• This role acts as the central governance and program coordination owner for BC/DR across DigiCert, ensuring that business continuity plans, disaster recovery exercises, business impact analyses, testing reports, and remediation activities are consistently executed, documented, and aligned with industry standards such as ISO/IEC 27001, WebTrust, ETSI, NIST, and CA/B Forum requirements.
• The role operates as a first-line governance function, working closely with DigiCert’s technology, infrastructure, security, and business teams who retain operational ownership of systems and recovery execution.

What you will do

Business Continuity Program Ownership

• Own and maintain DigiCert’s enterprise Business Continuity Plan (BCP), ensuring it is current, approved, and consistently applied across the organization.
• Coordinate periodic reviews and updates of the BCP to reflect organizational, system, or risk changes.
• Ensure BCP scope includes all relevant DigiCert entities, services, and supporting functions.

Business Impact Analysis (BIA)

• Coordinate and manage Business Impact Analyses (BIAs) across DigiCert’s critical business processes and systems.
• Partner with business owners and technology teams to:
• identify critical processes and dependencies
• document Recovery Time Objectives (RTO), Recovery Point Objectives (RPO), and Maximum Tolerable Downtime (MTD)
• Ensure BIAs are reviewed regularly and approved by appropriate management stakeholders.

Disaster Recovery & Resiliency Oversight

• Maintain governance oversight of disaster recovery plans owned by DigiCert’s Infrastructure, Cloud and Engineering teams.
• Ensure alignment between DR plans and business continuity objectives.
• Track and report gaps between defined recovery objectives and test results.

Testing & Exercising

Develop and maintain a BCP/DR testing and exercise framework, including:

• tabletop exercises
• business continuity simulations
• coordination with technical disaster recovery tests
• Maintain an approved test schedule and ensure exercises are performed, documented, and reviewed.
• Capture lessons learned and track remediation actions to completion.

Audit, Assurance & Remediation Coordination

Serve as the primary BCP/DR governance point of contact for:

• internal audits (without performing audit activities)
• external auditors and assessors
• customer assurance inquiries
• Coordinate remediation of BCP/DR-related findings and recommendations.
• Ensure audit evidence and documentation are maintained and readily available.

Policy, Awareness & Enablement

• Support Governance-owned policies related to business continuity and resiliency.
• Partner with training and communications teams to support awareness of BCP/DR roles, responsibilities, and activation procedures.
• Assist in maintaining reference materials and guidance for continuity planning and exercises.

Reporting & Stakeholder Engagement

• Provide regular reporting on BCP/DR maturity, testing outcomes, risks, and remediation status to GRC leadership, Trust Office leadership and the CTRO.
• Act as a coordination point between Governance, Infrastructure, Engineering, Security, Legal, People Ops, and Business leaders.

What you will have

4+ years of experience in:

• Business continuity
• Disaster recovery
• Operational resilience
• Risk, Governance, or Compliance-related roles

Solid understanding of:

• BCP/DR frameworks and lifecycle management
• Business Impact Analysis methodologies
• RTO (Recovery Time Objective), RPO (Recovery Point Objective), and MTD (Maximum Tolerable Downtime) concepts
• Experience coordinating cross-functional initiatives with technical and non-technical stakeholders.
• Strong documentation, organization, and follow-up skills.
• Comfortable operating in a regulated and audit-sensitive environment.

Nice to have

• Experience with ISO/IEC 27001 or similar standards.
• Exposure to internal or external audit processes.
• Familiarity with SaaS, cloud, or highly available technology environments.
• Experience planning or supporting continuity or resilience exercises.
• Strong organizational and program management skills
• Confidence engaging with senior technical stakeholders
• Comfort operating with partial information and driving clarity
• Audit-ready mindset