Senior Operational Resilience Manager

NYC-onsite

Job Description

The Senior Operational Resilience Manager will be responsible for developing, implementing, and overseeing the bank's strategy to ensure resilience against operational disruptions, cyber threats, and systemic risks. This role will lead enterprise-wide resiliency initiatives, ensuring alignment with regulatory expectations, industry best practices, and emerging threats. The ideal candidate will collaborate closely with technology, risk management, compliance, and business leadership to enhance operational integrity and incident response capabilities. This is a high-impact role requiring deep expertise in cybersecurity, operational risk management, and business continuity planning in a highly regulated financial environment.

Key Responsibilities
1. Enterprise Resilience Strategy Development
Develop and implement a comprehensive operational and cyber resiliency strategy aligned with regulatory requirements and industry standards.
Define resilience objectives, key risk indicators (KRIs), key performance indicators (KPIs), key control indicators (KCIs) and other relevant metrics to measure the effectiveness of resiliency programs.
Collaborate with senior leadership to embed resilience principles into business and technology processes.
Stay ahead of emerging risks, regulatory changes, and threat landscapes to refine and enhance resilience strategies.
2. Incident Management and Cyber Resilience
Oversee the development and execution of the bank's incident management framework, ensuring rapid response and recovery from information security and technology incidents.
Lead and design tabletop exercises and simulations to test cyber incident response and business recovery capabilities.
Coordinate with internal and external stakeholders (e.g., regulators, law enforcement, third-party service providers) during cyber events.
Ensure integration of cyber resilience into broader enterprise risk management and IT security functions.
3. Business Continuity and Disaster Recovery (BC/DR)
Develop and maintain enterprise-wide business continuity and disaster recovery plans, ensuring readiness to sustain critical business operations during disruptions.
Conduct regular BC/DR testing, audits, and training sessions to validate effectiveness and improve preparedness.
Work closely with technology teams to ensure recovery time objectives (RTOs) and recovery point objectives (RPOs) are met for critical systems.
Establish and maintain alternative operational processes to mitigate disruptions during system failures or cyber events.
4. Regulatory Compliance and Governance
Ensure compliance with all relevant regulatory frameworks (e.g., FFIEC, OCC, Basel, DORA) related to operational and cyber resiliency.
Serve as a key liaison with regulatory bodies and auditors, preparing reports and responses to inquiries regarding resilience programs.
Develop governance frameworks, policies, and procedures to enforce resilience-related mandates across the organization.
Foster a culture of compliance and resilience awareness throughout the bank.
5. Third-Party and Supply Chain Resilience
Assess and mitigate risks associated with third-party vendors, ensuring they meet the bank's operational and cyber resilience standards.
Establish rigorous due diligence processes for critical suppliers, including resilience testing and contractually mandated recovery capabilities.
Develop contingency strategies for vendor-related disruptions and ensure robust exit strategies for key service providers.
Collaborate with procurement and risk management teams to integrate resilience considerations into vendor selection and onboarding processes.
6. Threat Intelligence and Risk Monitoring
Develop and oversee an operational risk and threat intelligence program to proactively identify vulnerabilities and emerging threats.
Partner with cybersecurity, fraud prevention, and risk management teams to integrate threat intelligence into resilience planning.
Monitor key operational risk indicators and trends, ensuring timely action to mitigate potential disruptions.
Implement continuous improvement processes based on lessons learned from incidents, audits, and threat assessments.
7. Leadership and Stakeholder Engagement
Lead a cross-functional resiliency team, fostering collaboration between IT, risk management, compliance, and business units.
Provide executive leadership with regular briefings on resilience posture, key risks, and strategic initiatives.
Advocate for resilience investments, ensuring adequate funding and resource allocation for critical initiatives.
Champion a culture of resilience by driving awareness, training, and engagement across the enterprise.
Core Competencies
Experience & Expertise
o 15+ years of experience in operational resilience, cybersecurity, business continuity, or risk management within the financial sector.
o Proven leadership experience in a senior resiliency role at a highly regulated financial institution.
o Deep understanding of regulatory requirements such as FFIEC, OCC, Basel, and DORA, with experience managing regulatory interactions.
o Bachelor's degree in cybersecurity, information technology, business continuity, risk management, or a related field (Master's preferred).
o Industry certifications such as CISSP, CISM, CISA, CBCP, or CRISC strongly preferred.
Technical Skills
o Expertise in cyber resilience frameworks, incident response methodologies, and business continuity planning.
o Strong knowledge of operational risk management, threat intelligence, and IT disaster recovery strategies.
o Experience conducting and overseeing cyber resiliency tests, red team exercises, and tabletop simulations.
o Ability to analyze complex risks and develop practical, actionable resilience strategies.
o Familiarity with cloud resilience, third-party risk management, and systemic risk considerations in the financial sector.
Soft Skills & Leadership
o Strong executive presence with the ability to engage and influence C-suite leaders and board members.
o Proven ability to lead cross-functional teams and drive enterprise-wide resilience initiatives.
o Excellent verbal and written communication skills, with experience presenting to regulators, auditors, and senior stakeholders.
o Ability to thrive in a high-pressure environment, managing crises and business disruptions with a structured and strategic approach.