Overview
Skills
Job Details
Onsite in NYC
Summary
The Crisis & Incident Management Lead is responsible for the strategic leadership and operational execution of the Bank's crisis and incident management program across the Americas. As part of the Operational Resilience team, this individual will ensure that the bank can effectively prepare for, respond to, and recover from a broad range of disruption scenarios, including:
Technology and cyber incidents
Third-party or supply chain failures
Natural disasters (e.g., hurricanes, earthquakes, wildfires)
Manmade disruptions (e.g., civil unrest, mass transit outages, workplace violence)
Geopolitical events (e.g., war, political instability, sanctions-triggered disruptions)
Pandemic or public health crises
Infrastructure outages (e.g., power, telecommunications, water supply)
The role will build a resilient culture through a proactive, risk-informed approach that integrates cross-functional crisis response, regulatory compliance, real-time command and control, and continuous improvement. Will serve as a senior escalation point for major incidents, lead the regional crisis response for significant incidents, and escalate where needed to the firmwide crisis governance forums.
The role reports directly to the Head of Resilience Management for the Americas and works closely with stakeholders across Technology, Risk, Cybersecurity, Legal, Communications, and Regulatory Affairs to embed a culture of resilience and readiness.
Key Responsibilities
Strategic Leadership
o Develop and lead a crisis and incident management strategy aligned to the bank's operational resilience framework and key business services.
o Translate regulatory expectations (e.g., FFIEC, DORA, OCC, PRA) into actionable, risk-informed response strategies.
o Establish and manage governance forums and escalation protocols for crisis and incident oversight.
o Support the definition and testing of impact tolerances and maximum tolerable downtimes (MTD/MTLD) in partnership with Operational Resiliency Testing Lead, Business, and Technology stakeholders.
Incident Response and Crisis Management
o Act as the lead coordinator during regional crises, ensuring structured, timely, and effective command, control, and communications.
o Maintain and continuously improve incident response plans, escalation playbooks, crisis decision trees, and communication protocols.
o Ensure that major incidents including those involving third parties and cyber events are managed in line with regulatory requirements.
o Integrate internal communications tools and channels into a unified communications strategy.
o Maintain and operate an auditable major incident log, with clear decision documentation, timelines, and actions taken.
Process and Technology Optimization
o Drive optimization of incident response processes using data analytics, metrics and automation opportunities.
o Ensure response tooling (e.g., incident management platforms, emergency notifications) is current, well-trained on, and continuously improved.
o Partner with Cyber, Technology, and Ops teams to align response processes and eliminate gaps in cross-domain coordination.
Regulatory Compliance and Audit Readiness
o Ensure full compliance with FFIEC, DORA, OCC, PRA
o Lead regulatory and internal/external audit preparation, ensuring crisis and incident management capabilities are evidenced through documentation, logs, post-incident reviews, and impact tolerance testing results.
o Integrate third-party and cyber risk response coordination into incident response playbooks, ensuring vendor engagement and joint response capabilities are embedded and tested.
o Conduct formal Root Cause Analysis (RCA) and post-incident reviews, identifying systemic issues and implementing corrective actions.
Team Leadership and Development
o Lead and mentor a high-performing team of crisis and incident managers, driving a culture of excellence, continuous learning, and cross-functional collaboration.
o Develop training programs for crisis response teams and executive stakeholders, including annual crisis simulations, tabletop exercises, and cross-jurisdictional response testing.
o Support team growth, succession planning, and skills development to future-proof the bank's resilience capabilities.
Core Competencies
Crisis Leadership
o Demonstrated ability to lead complex incident response efforts across business, technology, cyber, and third-party domains.
o Ability to manage multiple initiatives simultaneously, determine prioritization, and work under minimal supervision.
Strategic Vision
o Ability to define and execute crisis and incident management programs aligned with regulatory and business objectives.
o Ability to work at both a strategic and tactical level, focusing on the broader picture while driving execution.
Regulatory Acumen
o Deep understanding of financial compliance requirements and regulatory frameworks, including FFIEC, DORA, PRA and OCC.
Operational Discipline
o Skilled in developing response processes that are scalable, measurable, and auditable.
Influence & Communication
o Strong ability to engage and influence executive leadership and cross-functional teams under pressure.
Continuous Improvement
o Embeds lessons learned, metrics, and feedback loops into the resilience lifecycle.
Soft Skills & Leadership
o Strong leadership and project management skills.
o Excellent communication and stakeholder management skills, with the ability to influence technical and non-technical teams.
o Analytical mindset with a proactive approach to problem-solving and risk mitigation.
o Ability to thrive in a fast-paced, high-stakes environment with competing priorities
o Comfortable working in a highly global, diverse, and hybrid (office and virtual) work environment
o Strong communication and documentation skills.