Head of Resilience Emerging Risks and Innovations

• This is a senior role within the Group's Operational Resilience Function. As a deep operational resilience expert, with proven technology experience, you will support the firm to be agile enough to take new opportunities whilst navigating the threats and risks associated with the complex environments it operates in.
• The role sits at the intersection of strategic foresight, innovation and cross industry collaboration. You will be responsible for continuously strengthening the firm’s resilience posture by embedding emerging risk intelligence into frameworks, standards and capabilities, and by identifying and integrating innovative approaches that drive material resilience improvements.
• The role holder will operate as a visible and credible thought leader both internally across the enterprise and externally across the sector, working collaboratively with peer institutions, regulators and industry bodies to raise systemic resilience standards.
• You will partner with Technology, Data, Cyber and AI strategy owners to assess and embed innovation within resilience design patterns, frameworks, and standards – ensuring adoption is governed, scalable and fit for a regulated environment.
• You will also guide HR, Property, Supplier Management and Business Units to manage resilience risks to ensure the bank, its customers, stakeholders and employees are able to benefit from innovation safely.

To develop, implement, and maintain an effective resilience strategy and Operational Recovery Planning and Incident Management framework aligned to industry leading standards and controls and regulatory expectations, to enable the bank to respond and recover important business services to severe but plausible scenarios, and minimise the impact to customers, clients, colleagues and the wider market.

• Socialisation and implementation of the resilience strategy and underpinning framework across the firm (e.g. SMRs and delegates, business / function resilience role owners and all colleagues), ensuring compliance to the standard and controls.
• Development and enhancement of the resilience, crisis and incident management framework to uplift recovery and response capabilities to ensure Important Business Services can continue to operate during disruption events to minimise the impact on customers, clients and the market.
• Operational Recovery Planning and Security Incident Management planning standards and controls enhancement according to industry practice, emerging threats and regulatory requirements.
• Provide oversight to the business and technology recovery capability improvements, and uplifts to third‑party (suppliers and Financial Market Infrastructure) recovery capabilities to enable Important Business Services to remain within or mitigate impact tolerance thresholds.
• Communication of the firm’s / business’ resilience position (risks and remediation) through clear and transparent scorecards / dashboards to enable effective investment decisions to the Board and Executive Committees, Control Forums and business stakeholders.
• Enhancement of resilience, crisis management and incident response and recovery capability through sophisticated, regular and adequate testing coverage to demonstrate Important Business Services’ ability to recover within impact tolerance for a severe but plausible scenario.
• Assurance that services and products are built resiliently by the business through the change management process (NAPAs, DRAs, material change process).
• Continually remain abreast of resilience and crisis and incident management developments, regulatory policy requirements and the emerging landscape.
• Mitigation of the impact of unexpected incidents by identifying , responding to and enabling the resolution of events that threaten the services, operations, infrastructure, colleagues and clients of the bank.
• Execution of responses to reported incidents and potential threats from various channels including intelligence, email, phone and monitoring systems prioritised by the assessed or actual impact to the bank.
• Documentation and analysis of past prioritised incident details, the steps to resolution and the lessons…