Language Fluency: English (Required)

Work Shift:

Please review the following job description:

ESSENTIAL DUTIES AND RESPONSIBILITIES
Following is a summary of the essential functions for this job. Other duties may be performed both major and minor which are not mentioned below. Specific activities may change from time to time.
1. Enterprise Response Leadership:
a. Own the enterprise framework for managing enterpriselevel incidents across all categories (technology cyber physical operational political etc.).
b. Lead a structured escalation and decisionmaking process with defined authority thresholds.
c. Lead and drive the incident management process organization and teams ensuring alignment with organizational objectives regulatory requirements and industry best practices.
d. Act as an Enterprise Incident Management advocate with business units ensuring business buyin and facilitating integration of second line policies standards and minimum requirements.
e. Ongoing subject matter expertise on all Enterprise Incident Management regulatory requirements defining threats and risk scenarios to provide recommendations on changes or program enhancements required to address such requirements and threats.
f. Understand and apply internal policies/procedures laws and regulations and managing to regulatory requirements including but not limited to: FFIEC OCC FINRA and Federal Reserve.
2. Team Leadership & Talent Strategy:
a. Build and lead a highperforming Enterprise Incident Management team including seasoned Incident Commanders. Define roles responsibilities and coverage to ensure 24/7 response readiness.
b. Train advise and partner with other teams to identify prepare for manage and identify lessons learned from critical incidents and crises through robust standards and processes.
c. Drive the socialization adoption consistent and appropriate implementation and ongoing maintenance of the Enterprise Incident Management policies standards methods etc. across the bank.
3. Command & Control Execution:
a. Establish strong command and control of an incident establishing clear accountability/ownership and methodical evaluation of complex issue scenarios.
b. Direct incident triage assessment and response coordination with clear ownership and accountability. Activate enterpriselevel response plans and ensure accurate situation reporting to the Csuite and Board when required.
c. Oversee the creation and management of crisis response teams ensuring effective coordination during incidents.
d. Act as a central point of contact for all enterprisewide incidents.
e. Manage the escalation assessment and resolution of incidents ensuring the appropriate stakeholders are involved at each stage of the incident lifecycle.
f. Oversee incident recovery efforts ensuring business continuity and the swift resumption of critical operations.
g. Serve as internal spokesperson for crisisrelated issues when required ensuring accurate and timely updates to internal stakeholders senior leaders including the Operating Council.
4. CrossFunctional Integration:
a. Serve as the central coordination point for Technology Cybersecurity Corporate Communications Legal Physical Security Privacy Compliance Fraud Financial Crimes Facilities and ThirdParty Management and the Business during highimpact events.
b. Continuously enhance incident management standards procedures and response frameworks.
c. Foster strong relationships with line of business operations legal risk compliance etc. to ensure a coordinated and effective response to incidents.
d. Work with stakeholders and internal business units to establish provide and agree on clear goals objectives and performance delivery outcomes as well as timelines for Enterprise Incident Management.
5. Program Development & Maturity:
a. Design and implement a scalable incident management operating model aligned with the enterprise resilience strategy. Develop incident classification models escalation triggers and response playbooks to drive repeatable excellence under pressure.
b. Build and execute incident management training programs for employees at all levels including senior management incident response teams and key operational groups.
c. Participate and at times facilitate crisis simulation exercises to test response protocols and identify gaps in current processes.
d. Maintain appropriate Risk Profile through proactively identifying risks and implementing the necessary mitigations where warranted. Partner effectively with 2nd line of defense Audit and regulators to ensure Risk is identified and mitigated.
e. Stay up to date with emerging trends regulations and best practices related to enterprise risk and incident management.
f. Ensure compliance with relevant regulatory requirements related to crisis management and incident response in the financial services industry.
6. Collaboration with Continuity Management:
a. Partner with the Head of Continuity Management to ensure seamless alignment across incident response business continuity and disaster recovery efforts. Jointly oversee readiness exercises and simulation programs.
7. Metrics & PostIncident Review:
a. Establish enterpriselevel KPIs for incident response.
b. Lead afteraction reviews to extract insights and embed continuous improvement into the program.
c. Work closely with senior executives to provide regulator updates on incident management activities lessons learned and recommendations for continuous improvement.
d. Coordinate the return of structures systems and personnel to functional states equal to or better than precrisis conditions.

QUALIFICATIONS
Required Qualifications:
The requirements listed below are representative of the knowledge skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

1. Bachelors degree or equivalent work experience
2. 15 years of progressive leadership experience in crisis or incident management enterprise risk operations technology or resilience
3. Expertise in DR/BC frameworks including ISO 22301 National Institute of Standards and Technology (NIST) or Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook (IT Handbook) and Financial Services regulatory standards required.
4. Proven ability to lead under pressure with executive presence and sound judgment
5. Deep experience navigating matrixed organizations and aligning stakeholders with competing priorities
6. Skilled in developing and implementing enterprisewide frameworks processes and governance structures
7. Familiarity with regulatory expectations and industry standards for operational and technology resilience
8. Exceptional communicator capable of briefing executive leadership boards and crossfunctional partners with clarity and impact
9. Experience in crisis management business continuity resiliency operational resiliency
10. Experience leading an enterprise incident management program particularly for a large financial services or multinational firm
11. Excellent written and verbal communication skills with ability to express complex concepts and processes in a straightforward manner
12. Excellent leadership and influence skills
13. Adept with Microsoft Office products

Preferred Qualifications:
1. Advanced degree strongly preferred (e.g. Master of Business Administration Risk Management or relevant masters degree)
2. 20 years in senior leadership positions across lines of business functions and/or technology in financial services industry
3. Experience developing and enhancing documentation and communications reports using a wide array of information sources and publishing to different audiences including senior management corporate risk groups and regulators
4. Adaptable to rapid largescale changes in business processes and organizational structure
5. Comfortable working in a complex matrix environment with simultaneous responsibility to business line management and department group and corporate level risk teams
6. Experience presenting to Regulators including but not limited to the Federal Reserve Board (FRB) Office of the Comptroller of the Currency (OCC) and the Federal Deposit Insurance Corporation (FDIC)
7. Industry Certifications including Certified Business Continuity Professional (CBCP) Master Business Continuity Professional (MBCP) Certified Information Systems Security Professional (CISSP) or similar certifications are preferred.