Business Continuity Analyst

Where you will work: This position offers a hybrid work option up to 50% remote and is based out of the MN-Mankato, MN-Lakeville, WI-Sun Prairie, or IL-Bloomington office locations.

The contributions you will make:

This position creates, implements, and maintains corporate-wide security and business continuity programs that assist in improving the overall security posture and business continuity capabilities of the organization. It provides guidance, assurance, and information protection to maintain the confidentiality, integrity, and availability of Compeer's critical resources. The role contributes knowledge and expertise to ensure that information assets are protected and available. You will guide solutions to promote secure business-to-business initiatives, third-party relationships, outsourced solutions, and vendors. It also provides mentorship and guidance to less experienced team members.

A typical day:

Business Continuity

• Recommends business continuity and disaster recovery strategic plans and roadmaps, including all aspects of planning, preparation, and practice.
• Creates, implements, and maintains comprehensive plans and practices to achieve efficient and effective communication and restoration of operations during emergencies.
• Meets with all business units to understand key processes and technology needs in a disaster recovery situation.
• Conducts assessments and Business Impact Analysis interviews to identify gaps in business continuity, emergency, and disaster recovery plans.
• Facilitates executive and business function business continuity tabletop exercises.
• Supports other organizational tabletop simulation formation and testing.
• Coordinates scheduling, testing, and reporting outcomes with Business Technology and other departments.
• Ensures regular review and update of Disaster Recovery Plans.
• Captures event lessons learned and ensures timely and effective remediation.
• Analyzes and develops current and future security and business continuity best practices.
• Configures and implements emergency notification communications.
• Works with business units to understand products and processes to develop and implement controls and safeguards consistent with the organization's strategic goals.

Incident Management

• Recommends incident response plans and program capabilities, including planning, preparation, and practice.
• Serves as a primary incident handler for emergency, disaster, and security events or incidents.
• Leads incident response and business process control formation to mitigate risk.
• Provides procedural improvements to reduce business impacts of events and increase response effectiveness.
• Sets direction and assists in establishing priorities for projects with a focus on mitigating losses, protecting client data, and reducing reputation risk.
• Researches and responds appropriately to any security or potential security incidents.
• Establishes and follows appropriate notifications and escalation processes.
• Plans and performs assessments on program risks.
• Drafts and submits incident reports.
• Correlates incident data to identify specific vulnerabilities and makes recommendations that enable expeditious remediation.

Security Analysis

• Remains current with new security threats and assesses systems and solutions to ensure they can defend the business.
• Researches capabilities of current and new solutions and makes recommendations to the security group on a consistent basis.
• Researches, validates, and utilizes solutions meeting security and business needs.
• Develops security team standards, policies, procedures, and processes.
• Drives security efficiencies, enabling security team members to work on more advanced tasks.
• Partners with Business Technology on security configuration standards for systems and business applications.
• Participates in technical and non-technical projects requiring information security oversight and ensuring policies and procedures are met.
• Recommends security solutions and effective improvements to existing security controls.
• Provides cybersecurity guidance to leadership.
• Assesses the effectiveness of controls.
• Analyzes and reports system security posture trends.

Training and Curriculum Development

• Designs, develops, and implements ongoing business continuity training programs to ensure all team members are aware of business continuity responsibilities.
• Conducts interactive training exercises to create an effective learning environment.
• Develops new or identifies existing awareness and training materials that are appropriate for intended audiences.
• Writes instructional materials (e.g., Business Continuity operating procedures, plan materials) to provide detailed guidance to relevant portions of the workforce.
• Develops or assists in the development of computer-based training modules, training policies and protocols for training.
• Presents technical information to technical and nontechnical audiences.
• Delivers training courses tailored to the audience and physical/virtual environments.

The skills and experience we prefer you have:

• Bachelor's degree in computer science, management information systems, or related field, OR an equivalent combination of education and experience sufficient to perform the essential functions of the job.
• Expert-level experience in business continuity, disaster recovery, information technology, risk management, security services, process review, and/or emergency preparedness and management. Deep expertise in business continuity, disaster recovery, cybersecurity, risk management, and compliance frameworks.
• Proven ability to stay ahead of evolving cyber threats, adapting to new attack methods, and driving measurable improvements in monitoring and response at scale.
• Strong analytical, problem-solving, and decision-making skills with attention to detail.
• Effective communicator with strong written, verbal, and interpersonal skills; capable of engaging all levels of an organization.
• Advanced skill in incident response, risk analysis, system monitoring, and aligning technical solutions with business requirements.
• Advanced experience in change and project management, as well as technical disaster recovery testing and tabletop exercises.
• Knowledge of regulatory compliance, privacy laws, and media production techniques for effective communication and training design.
• Ability to work independently or collaboratively, demonstrating integrity, adaptability, and leadership under pressure.

How we will take care of you:

Our job titles may span more than one career level (associate, senior, principal, etc.). The actual title and base pay offered is dependent upon many factors, such as: training, transferable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future. This role is eligible for variable compensation and other benefits.