CareFirst Careers

Risk Management Analyst (Hybrid) - Operational Resilience

Resp & Qualifications

The Risk Analyst (Business Continuity) is responsible for supporting the Operational Resilience team in developing and implementing all key program components of a business continuity/operational resilience framework for CareFirst, including without limitation: Governance, Scenario Development/Testing, Crisis Management, Education & Awareness.


  • Support program leadership to develop business continuity plans, analyze business continuity data to identify major gaps and opportunities for better operational resilience strategies, and support business operations before, during, and after an incident. Support periodic updates to business continuity plans, including facilitating the preparation of business impact assessments in conjunction with the business and IT.
  • Support program leadership in designing and implementing governance around business continuity activities; prepare and deliver training to key internal stakeholders related to BCP practices, approach, and resources. Evaluate and monitor key operational activities to ensure the organization is compliant with business continuity and emergency preparedness legislation and requirements.
  • Support the Operational Risk Management team's engagement with senior leadership to develop risk tolerance levels and recovery objectives for operational resiliency and the coordination with key business and IT stakeholders to design, maintain, and test incident response plans and playbooks.
  • Contribute to facilitating tabletop exercises and live scenario exercises to test continuity plans, strengthen incident response, and support the Crisis Management response team during significant disruption events.
  • Regularly update the Business Continuity Policy and Standards documents to reflect the current program plans and business operating processes and collaborate with the Third Party Risk Management Oversight team to assess the BCP plans for key operational third-party vendors.
  • Support the development of the resiliency program reporting cadence with KPIs detailing program compliance, vulnerabilities, and performance.

    Education Level: Bachelor's Degree OR in lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.

    Experience: 3 years' experience in a risk management, third party risk management, audit, compliance, security governance or legal services role.

    Preferred Qualifications:
  • Possess or in the process of obtaining a relevant business continuity certification (e.g., ABCP, CBCP).
  • Experience with Fusion or other industry risk/business continuity platforms
  • Experience in the healthcare industry

Knowledge, Skills and Abilities (KSAs)

  • Capabilities and experience in performing independent assessments, including compliance & legal reviews, contract reviews, testing controls, and developing & reviewing assessment reports.
  • Problem solver who works independently and within a team using interpersonal skills, including excellent oral and written communication skills.
  • Understands and possesses general project management skills relevant to performing assessment functions and responsibilities.
  • Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.


Salary Range: $57,600 - $114,400


Salary Range Disclaimer

The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the work is being performed. This compensation range is specific and considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, internal peer equity, and market and business considerations. It is not typical for an individual to be hired at the top of the range, as compensation decisions depend on each case's facts and circumstances, including but not limited to experience, internal equity, and location. In addition to your compensation, CareFirst offers a comprehensive benefits package, various incentive programs/plans, and 401k contribution programs/plans (all benefits/incentives are subject to eligibility requirements).


Third Party Risk Office

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer.  It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Where To Apply

Please visit our website to apply:

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.


The associate is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The associate must frequently talk and hear.  Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship

