Head of US Business Continuity and Incident Management

Company: HSBC Group
Location: Depew
Posted on: January 15, 2022

Job Description:

Description -At HSBC, the health and well-being of our employees remains of utmost importance. - Many of our roles are permitted to work from home (in states in which HSBC is licensed to operate) until further notice. Upon resumption of normal operations, this role may be performed at our Depew, New York office.This role has a dual responsibility of Business Continuity/Incident Management and Operational Resiliency oversight for the United States Region. The Business Continuity and Incident Management (BCIM) team is responsible for managing any disruption associated with the loss or unavailability of people, systems, premises and third parties or any other incident where there is customer, regulatory, reputational and/or financial impact. - This is achieved preemptively by:Working jointly with the US Global Businesses and Global Functions (GB/GF) to establish and develop a consistent, pragmatic and effective operational approach to BCIM in line with Group Policy and Standards as well as Compliance and Regulatory expectations. - Bringing subject matter expertise to guide and advise each GB/GF on plan development, enduring effective controls are in place to minimize the impact and severity of an incident, and providing constructive review and challenge. - This includes performing risk assessments, business impact analyses, and ensuring adequate documentation of business continuity and disaster recovery procedures.Managing a team of business continuity professionals tasked with ensuring plans are maintained, tested, and enhanced, where possible, documenting recovery strategies and gaps. -This includes designing and facilitating periodic Table Top exercises to stress test the adequacy of existing plans in the context of a mock incident. - Providing clear strategic direction and leadership and building relationships with key stakeholders based on trust and a common understanding of roles and responsibilitiesEnsuring comprehensive understanding, documentation of, and contingency plans to address third party influences on our ability to operateStaying current on changes in regulations, ensuring compliance, and leading a quarterly update to regulators, the Board, and Executive management as requiredReviewing Major Incident Group (MIG) (the primary incident response committee) plans, ensuring MIG member awareness training and MIG invocation tests are performedDuring a live incident, the head of BCIM team is responsible for coordinating incident response by facilitating and supporting the execution of plans at the time of a crisis event.Facilitate the invocation of the MIG, perform the MIG Secretariat role, provide assistance to the Chair as required, and lead and facilitate execution of the plan and support plan navigation for the business at the time of an eventSupport Major Incident Group (or other relevant crisis management forum) with critical components of the plan in order that they can make critical decisionsProvide visibility and reporting to the MIG, Regulators, Board and Executive Management, as required, on incident status and response actions, ensuring awareness across all impacted areasAct as an escalation path and advise and guide the MIG Chair on regional MIG invocationEnsure that MIG assurance activity occurs as directed in policy and all MIG control activity is tracked and reported to the appropriate forumsEnsure MIG incident logs are maintained across the region and that MIG status update e-mails are authored and sent following each meetingEnsure ENS notifications are sent and report on the results/response as directed by the MIG ChairEnsure a Post Incident Report is completed in line with policy and share the issues identified for continuous improvement in other MIGIn addition to core BCIM responsibilities, the head of BCIM will be responsible for leading the development of operational resilience planning. - Operational Resilience is the ability to maintain the delivery of critical processes, through a disruption from any hazard. It is the outcome of effective operational risk management combined with sufficient financial and operational resources to prepare, adapt, withstand, and recover from disruptions in line with Group, Regulatory and US COO expectations. - This is achieved through:Developing and maintaining an inventory of US Important Business Processes Leading end to end process definition to identify potential points of failure within these processes, and ensuring adequate controls and procedures are in place to ensure resilienceDocumenting deficiencies and present to process owners to develop remediation plans and tracking through to completionEnsure alignment with Group Operational Resilience approach and methodology as well as with other functional prioritizations, including those maintained by the CDO, RRP & IT service level tiersAnalysis of End to End Control ProcessesLeverage the DBS transformation team to document end to end operational workflows.Engage appropriate IT stakeholders to provide systems flow diagrams that support the associated operational processes. Conduct walk-thrus with key operational and IT SME stakeholders to determine points of failure, existing controls and metrics, including third party processes Identify resilience improvement opportunitiesProduce final reports and review key findings in Resilience Governance forum to agree on remediation activities and timelines.Governance:In support of US COO, design and deliver a quarterly Operational Resilience governance forum meeting and associated reporting.Develop and provide reporting on the health of Important Business Processes, with focus on key control gaps and associated remediation activitiesDevelop and provide RAG status reporting for Important Business Processes utilizing a common methodology for process owners to assess the adequacy of operational resilienceNote: This is a newly created responsibility which will evolve over time including resourcing of key activities which may require direct staffing or utilize support from other existing teams within Digital Banking Services or other areas in the Bank - -Qualifications -The successful candidate will:Build and motivate a capable, supportive, and engaged BCIM Team, providing strong, directive regional leadership.Lead objective setting, performance management and assisting with development for all direct reports, steering team members, where required, to develop fully into their role, providing coaching and guidance as requiredCreate a team culture where openness and ideas are welcome and encouragedDevelop and maintain trusted relationships with Senior executives and regional/country/ Business CEOs/CRO'sPromote awareness of BCIM and Operational Resilience across the regionMaintain positive and proactive relationships with local RegulatorsPossess an in depth understanding of risk and controls, their evaluation, and what mitigation is possible in minimizing damage to our businessContribute to local compensation and grade review processBe able to continually assess and prioritize new and existing work demands and to work smart with limited resources to maximize outputBe an expert communicator both written and verbal and possess the confidence and gravitas to communicate and negotiate with all levels of management, regulators, and the BoardBe a self-starter and creative problem solver, able to operate independently, providing leadership and guidance on BCIM strategy versus needing direction thinkerPossess exceptional organization and planning skillsHold relevant industry qualifications and membership/leadership in relevant professional bodiesChallengesRegionally focused strategic initiatives and associated changes in concentrations of people/customer/business activity require a constant reevaluation of Operational Resilience risks and their impacts. New and emerging risks such as pandemics, climate change and cyber-attacks require constant changes to our incident management and business continuity planning processes. Regulators are not consistent in their approach in all countries and therefore flexibility is required locally. Lead local implementation of new systems and process adoption driven globallyAll qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. -Job Field: -TechnologyRole Workstyle: -Hybrid WorkingPrimary Location: -North America-United States-New York-DEPEWJob Type: -Permanent - Full TimeJob Posting: -14-Dec-2021, 22:13:20Closing date: -29-Jan-2022, 04:59:00

Keywords: HSBC Group, Buffalo , Head of US Business Continuity and Incident Management, Executive , Depew, New York