Senior Manager, Business Continuity and Resilience

Prudentials purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured for our people customers and partners. We provide a platform for our people to do their best work and make an impact to the business and we support our peoples career ambitions. We pledge to make Prudential a place where you can Connect Grow and Succeed.

Job Title

Senior Manager Business Continuity & Operational Resilience

Location: Kuala Lumpur
Employment Type: Full-Time

Job Purpose

The Senior Manager Business Continuity & Operational Resilience is accountable for establishing governing and continuously strengthening the organisations enterprise-wide Business Continuity Management (BCM) and Operational Resilience capabilities.

This role ensures the organisation can continue critical business services protect customers and stakeholders and meet Bank Negara Malaysia (BNM) regulatory requirements during operational disruptions. The role provides strategic leadership regulatory assurance and credible challenge to senior management covering resilience across people processes technology facilities data and third-party arrangements.

Key Responsibilities

1. Enterprise BCM & Operational Resilience Framework

• Lead the design implementation governance and continuous enhancement of the enterprise BCM and Operational Resilience framework in line with BNM policy requirements Prudential Group standards and industry best practice.
• Establish and maintain enterprise-wide policies standards roles escalation mechanisms and minimum resilience expectations across business units subsidiaries and outsourced arrangements.
• Embed BCM and operational resilience requirements into business strategy change initiatives and risk management processes.
• Govern and develop the enterprise BC Coordinator network including standards training quality assurance and readiness uplift.
• Develop and execute an annual enterprise BCM and resilience training programme including role-based training simulations and tabletop exercises.

2. Business Impact Analysis (BIA) & Critical Business Services

• Oversee enterprise-wide Business Impact Analysis (BIA) activities to identify:
  • Critical and important business services
  • Customer financial operational reputational and regulatory impacts
  • MTPD RTO and RPO requirements
• Ensure BIAs are consistent risk-based auditable and regularly refreshed.
• Establish an enterprise methodology for identifying critical services assessing criticality and managing annual refresh cycles.
• Ensure each critical or important business service has:
  • A named service owner
  • Documented end-to-end dependencies
  • Approved resilience tolerances and recovery strategies
• Validate that recovery strategies align with BNM disruption tolerances and internal risk appetite.

3. Operational Resilience & Scenario Testing

• Lead the identification of Important Business Services (IBS) from a customer and financial system perspective.
• Design and execute severe-but-plausible scenario testing including:
  • Technology and cyber disruptions
  • Facilities unavailability
  • Workforce disruptions
  • Third-party / outsourcing failures
  • Prolonged system outages and data integrity incidents
• Own the enterprise annual BCM crisis management and DR testing plan for critical systems.
• Partner with Technology to review and challenge disaster recovery (DR) strategies and test outcomes including retesting where required.
• Maintain an enterprise resilience issues register driving accountable remediation and senior management oversight.
• Ensure testing results lead to tangible and sustainable resilience improvements not lessons learned only.

4. Crisis Management & Incident Response

• Act as key advisor and secretariat to the Crisis Management Team (CMT).
• Provide guidance during major operational disruptions including prolonged system outages and material incidents.
• Coordinate post-incident reviews to ensure:
  • Root causes are identified
  • Control gaps are addressed
  • Lessons learned are embedded into policies procedures and testing

5. Regulatory Compliance Audit & Assurance

• Ensure compliance with BNM requirements and Prudential Group policies across:
  • Business Continuity Management
  • Operational Risk
  • Outsourcing and Third-Party Risk
  • Technology and Cyber Resilience (where applicable)
• Serve as the primary point of contact for BNM engagements regulatory reviews thematic inspections and audits related to BCM and resilience.
• Lead regulatory submissions supervisory responses and audit issue remediation ensuring timely and sustainable closure.
• Monitor emerging regulatory developments and advise management on impact and readiness.

6. Governance Reporting & Authority

• Act as the enterprise BCM and Operational Resilience subject matter authority approving methodologies and setting minimum standards.
• Provide regular management and Board-level reporting on BCM maturity testing outcomes material incidents and remediation status.
• Establish and maintain clear enterprise RACI and coordination mechanisms across service owners BC coordinators and corporate functions.

7. Outsourcing Third-Party & Technology Resilience

• Oversee BCM and resilience requirements across outsourced and third-party arrangements including critical service providers technology vendors and facilities partners.
• Partner with Technology Cyber Security Procurement Vendor Management and Risk teams to:
  • Assess third-party recovery capabilities
  • Identify and mitigate concentration and single-point-of-failure risks
  • Ensure contractual BCM and testing obligations are established and evidenced
• Review and challenge resilience assumptions between internal dependencies and vendor recovery capabilities.

8. Senior Stakeholder & Board Engagement

• Act as a trusted advisor to senior management risk committees and Board forums on BCM and Operational Resilience matters.
• Deliver clear concise and risk-focused insights highlighting customer financial and regulatory impacts.
• Influence senior leaders to drive accountability ownership and timely remediation across functions.

9. People Leadership & Capability Building

• Lead coach and develop BCM and resilience resources.
• Build organisation-wide resilience awareness through training simulations and crisis exercises.
• Foster a strong resilience culture aligned with regulatory expectations and organisational values.

10. Resilience MI Reporting & Insights

• Develop and maintain enterprise resilience dashboards covering coverage testing outcomes issues and service readiness.
• Ensure MI is aligned to Group and local expectations with clear trends and executive-level actions.

Qualifications & Experience

Mandatory

• Bachelors degree in Business Risk Management Finance IT or related discipline
• 812 years of experience in BCM Operational Resilience Operational Risk or Technology Risk within a BNM-regulated financial institution
• Proven experience engaging with BNM auditors and senior management
• Demonstrated track record leading enterprise BCM and resilience programmes including regulatory and audit remediation

Preferred

• Experience in Second Line of Defence (2LOD) roles
• Professional certifications (e.g. MBCI CBCI CBCP EDRP)
• Exposure to ISO 22301 / operational resilience frameworks
• Experience with BCM resilience or GRC platforms

Skills & Personal Attributes

• Strong understanding of BNM regulatory expectations
• Excellent stakeholder management and influencing skills
• Clear and confident senior-level communicator
• Strong analytical judgement and decision-making under pressure
• High integrity professionalism and accountability

Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex race age ethnic origin educational social and cultural background marital status pregnancy and maternity religion or belief disability or part-time / fixed-term work or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.