Tompkins Community Bank
Operational Resilience & Risk Manager
Tompkins Community Bank, Northeast Ithaca, New York, United States
Join to apply for the
Operational Resilience & Risk Manager
role at
Tompkins Community Bank
The Resilience & Risk Manager leads the company’s Business Continuity & Operational Resilience Program, ensuring critical services remain available during disruptions and that information security risks stay within defined tolerances. This role partners with business leaders, IT teams, and Information Security team members to strengthen resilience, security, and regulatory compliance across processes, technology, and third‑party relationships. The manager creates comprehensive documentation and reports for senior management, recommending improvements to keep information security risk within defined tolerances and company appetite. The role ensures alignment with FFIEC, NYDFS Part 500, GLBA, SOX, ISO 22301, NIST, and other industry frameworks.
Responsibilities
Own and manage the enterprise‑wide Business Continuity & Operational Resilience Program, including governance and reporting to senior leadership and risk committees.
Coordinate and lead Disaster Recovery planning, annual testing, and scenario‑based exercises, including post‑mortem reviews and continuous improvement.
Conduct Business Impact Assessments (BIAs) and impact tolerance assessments for critical services, mapping dependencies across people, processes, technology, and third parties.
Develop and maintain crisis communication plans and ensure readiness for regulatory reporting during major incidents.
Align resilience strategies with regulatory requirements and industry standards (FFIEC, NYDFS, ISO 22301, NIST CSF).
Produce audit‑ready documentation, metrics, and KPIs demonstrating program effectiveness and maturity.
Collaborate with Third‑Party Risk Management to assess vendor resilience and risk.
Review technology architecture and design for resilience controls, integration dependencies, and cyber resilience measures.
Integrate threat intelligence and emerging risk analysis (cloud, AI, geopolitical) into resilience planning.
Support InfoSec governance activities and system administration for resilience and risk tracking.
Participate in incident response, regulatory reporting, and executive‑level crisis management.
Promote awareness through training sessions, tabletop exercises, and education initiatives.
Maintain expertise in operational resilience trends, regulatory changes, and best practices.
Qualifications
Bachelor’s degree in Computer Science, Information Systems, or related field.
7+ years in IT and/or Information Security; 3+ years in financial services.
Hands‑on experience with Business Continuity, Disaster Recovery, and Operational Resilience programs.
Strong understanding of information security risk analysis, banking systems, and regulatory frameworks.
Preferred Qualifications
Certifications: CISSP, CISM, CBCP, ISO 22301 Lead Implementer, Security+, PMP.
Experience with GRC platforms (LogicGate), cyber resilience planning, and regulatory exam preparation.
Benefits
Medical
Dental
Vision
401(k) Match
Profit Sharing
Paid Time Off
11 Holidays
Tuition Reimbursement
Free Parking throughout Tompkins Community Bank
Employee Referrals
EEO Statement Tompkins is committed to a policy of Equal Employment Opportunity ("EEO") with respect to all team members and applicants for employment and a work environment free from discrimination (including unlawful harassment) based on race, color, religion, sex, sexual orientation, transgender status, gender non‑conformity, gender identity, gender expression, national origin, age, marital status, domestic violence victim status, disability, predisposing genetic characteristics, military or veteran status or status in any group protected by federal, state, or local law. For more information, please click here
Pay Range: USD $103,000.00 - $125,000.00 per year.
Seniority level: Not Applicable
Employment type: Full‑time
Job function: Finance and Sales
Industry: Banking
Referrals increase your chances of interviewing at Tompkins Community Bank by 2x.
Get notified about new Operational Risk Manager jobs in Ithaca, NY.
#J-18808-Ljbffr
Operational Resilience & Risk Manager
role at
Tompkins Community Bank
The Resilience & Risk Manager leads the company’s Business Continuity & Operational Resilience Program, ensuring critical services remain available during disruptions and that information security risks stay within defined tolerances. This role partners with business leaders, IT teams, and Information Security team members to strengthen resilience, security, and regulatory compliance across processes, technology, and third‑party relationships. The manager creates comprehensive documentation and reports for senior management, recommending improvements to keep information security risk within defined tolerances and company appetite. The role ensures alignment with FFIEC, NYDFS Part 500, GLBA, SOX, ISO 22301, NIST, and other industry frameworks.
Responsibilities
Own and manage the enterprise‑wide Business Continuity & Operational Resilience Program, including governance and reporting to senior leadership and risk committees.
Coordinate and lead Disaster Recovery planning, annual testing, and scenario‑based exercises, including post‑mortem reviews and continuous improvement.
Conduct Business Impact Assessments (BIAs) and impact tolerance assessments for critical services, mapping dependencies across people, processes, technology, and third parties.
Develop and maintain crisis communication plans and ensure readiness for regulatory reporting during major incidents.
Align resilience strategies with regulatory requirements and industry standards (FFIEC, NYDFS, ISO 22301, NIST CSF).
Produce audit‑ready documentation, metrics, and KPIs demonstrating program effectiveness and maturity.
Collaborate with Third‑Party Risk Management to assess vendor resilience and risk.
Review technology architecture and design for resilience controls, integration dependencies, and cyber resilience measures.
Integrate threat intelligence and emerging risk analysis (cloud, AI, geopolitical) into resilience planning.
Support InfoSec governance activities and system administration for resilience and risk tracking.
Participate in incident response, regulatory reporting, and executive‑level crisis management.
Promote awareness through training sessions, tabletop exercises, and education initiatives.
Maintain expertise in operational resilience trends, regulatory changes, and best practices.
Qualifications
Bachelor’s degree in Computer Science, Information Systems, or related field.
7+ years in IT and/or Information Security; 3+ years in financial services.
Hands‑on experience with Business Continuity, Disaster Recovery, and Operational Resilience programs.
Strong understanding of information security risk analysis, banking systems, and regulatory frameworks.
Preferred Qualifications
Certifications: CISSP, CISM, CBCP, ISO 22301 Lead Implementer, Security+, PMP.
Experience with GRC platforms (LogicGate), cyber resilience planning, and regulatory exam preparation.
Benefits
Medical
Dental
Vision
401(k) Match
Profit Sharing
Paid Time Off
11 Holidays
Tuition Reimbursement
Free Parking throughout Tompkins Community Bank
Employee Referrals
EEO Statement Tompkins is committed to a policy of Equal Employment Opportunity ("EEO") with respect to all team members and applicants for employment and a work environment free from discrimination (including unlawful harassment) based on race, color, religion, sex, sexual orientation, transgender status, gender non‑conformity, gender identity, gender expression, national origin, age, marital status, domestic violence victim status, disability, predisposing genetic characteristics, military or veteran status or status in any group protected by federal, state, or local law. For more information, please click here
Pay Range: USD $103,000.00 - $125,000.00 per year.
Seniority level: Not Applicable
Employment type: Full‑time
Job function: Finance and Sales
Industry: Banking
Referrals increase your chances of interviewing at Tompkins Community Bank by 2x.
Get notified about new Operational Risk Manager jobs in Ithaca, NY.
#J-18808-Ljbffr