IT Risk & Resiliency Manager - TSS

Guaynabo, PR

At Triple S, we are committed to provide meaningful job experiences for Valuable People (Gente Valiosa). We encourage an environment of very high ethical standards, always excelling in service, collaboration among the company, agility to deliver timely, and embracingaccountability for results.

When you join Triple S, you will be key to our efforts on delivering high-quality and affordable healthcare as well as contribute to our purpose to enable healthier lives. We serve more than 1 million consumers in Puerto Rico through our Medicare Advantage, Medicaid, Commercial, Life and Property & Casualty Businesses.

Let’s build healthier communities together, join now!

Responsible for developing, implementing, and managing the company's IT risk management framework and ensuring robust IT resiliency capabilities. This critical role involves identifying, assessing, mitigating, and monitoring technology-related risks across the enterprise. Will lead the IT Business Continuity/Disaster Recovery (BC/DR) program, manage compliance with risk policies, and drive a culture of risk awareness and operational resilience within the IT organization and across the business.

• Lead and manage the end-to-end IT Business Continuity and Disaster Recovery program.
• Define and maintain the IT BC/DR strategy, ensuring alignment with organizational business impact analysis (BIA) and risk appetite.
• Oversee the development, documentation, and maintenance of comprehensive, actionable BC and DR plans for critical IT systems and infrastructure.
• Plan, coordinate, and execute regular, rigorous BC/DR testing and exercises (tabletop, functional, full-scale) to validate the effectiveness of recovery strategies and plans.
• Collaborate with the Incident Response team to ensure seamless integration of recovery procedures into the overall IT incident management process.
• Ensure IT practices and controls comply with relevant laws, regulations, and internal policies (e.g., SOX, GDPR, HIPAA, PCI DSS).
• Act as the primary IT liaison for internal and external audits related to IT risk, BC/DR, and controls, coordinating responses and remediation efforts.
• Contribute to the Third-Party Risk Management program by assessing and managing the resiliency and risk posture of critical IT vendors and service providers.
• Develop and deliver training and awareness programs to educate IT staff and business users on IT risk, security, and BC/DR best practices.
• Conduct DR failover, failback, and restore activities, validating application and data recovery.
• Work with IT and business stakeholders to develop and track remediation plans for identified risks, ensuring timely and effective control implementation.
• Deliver operational dashboards and executive-level reports on RPO/RTO, backup/replication health, and recovery readiness.
• Design, implement, and continually improve resiliency programs that prepare Triple-S to respond to business disruptions, technology outages, and crises.
• Organize and execute company-wide risk assessments as well as business impact analyses, identifying key threats and evaluating preparedness.
• Work closely with teams managing BC, DR, and CM teams to drive strong alignment and robust and integrated response plans.
• Create and update dashboards, reports, and metrics that help senior leaders monitor firm resilience and mitigation progress.
• Maintain and regularly update the enterprise risk register, tracking mitigation actions and monitoring emerging threats.
• Drive other resiliency participants or technical staff, setting clear priorities and developing team capabilities.
• Manage resiliency program budgets, timelines, and reporting requirements.
• Establish metrics, dashboards, and KPIs to monitor resiliency posture and track improvement.
• Partners with business continuity managers to align technical DR plans with business continuity priorities.
• Collaborate with InfoSec/SecOps. Collaborate with Compliance/Risk team to assure adherence
• Participates in joint incident response exercises
• Provides business units with reporting on recovery capabilities, test outcomes, and risks that may impact operations.
• Works with application owners to define application-level recovery needs

Bachelor’s degree in computer science, Information Technology, or related field (or equivalent experience). 7+ years in IT resiliency, infrastructure, systems administration, or disaster recovery roles preferable in the Health Insurance Industry. 3+ years in management or technical leadership role. Experience with regulatory frameworks and risk management methodologies.

It is company policy to seek for the qualified applicants for positions throughout the company without distinction of race, color, national origin, religion, sex, gender identity, real or perceived sexual orientation, civil status, social condition, political ideologies, age, physical or mental disability, veteran status or any other characteristic protected by law. Drug-free company.

Equality Employment Opportunity/Affirmative Action for People with Disabilities/Veterans. Employer with E-Verify to verify the eligibility of employment of all the new employees.

We encourage Veterans and Disabled to Apply.