Job Description

Key Responsibilities

Plan, execute, and report on disaster recovery audits across IT systems, infrastructure, and business units. Review and assess Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP) for adequacy, effectiveness, and compliance. Evaluate recovery time (RTO) and recovery point objectives (RPO) and validate alignment with business requirements. Assess backup and restoration processes, testing outcomes, and adherence to retention policies. Audit the effectiveness of DR drills, simulations, and post-test reviews, including root cause analysis of any failures. Review cloud and hybrid recovery configurations for security, redundancy, and compliance. Ensure compliance with international standards such as ISO 22301 (Business Continuity Management), ISO 27001 (Information Security Management), and NIST SP 800-34. Identify control weaknesses and provide risk-based recommendations for improvement. Collaborate with IT, Risk, and Compliance teams to ensure audit findings are tracked and remediated. Prepare and present comprehensive audit reports to management and governance committees.
Qualifications & Experience

Bachelor's Degree in Information Technology, Auditing, Risk Management, or a related field (or equivalent experience). 5+ years experience in IT auditing, risk management, or disaster recovery assessment. Proven experience auditing disaster recovery, cybersecurity, or business continuity frameworks. Strong understanding of IT governance frameworks (COBIT, ITIL, ISO 27001). Hands-on experience with data backup, storage, and recovery tools is an advantage. Certifications preferred: Certified Information Systems Auditor (CISA) Certified Business Continuity Auditor (CBCA) or CBCP ISO 22301 Lead Auditor ISO 27001 Lead Auditor CompTIA Security+ or CISSP (advantageous)
Job Types: Full-time, Part-time

Work Location: In person