An IT Resilience Consultant for a global bank leads the strategic development of a comprehensive resilience framework. Collaborating with senior management, they define and shape the operational resilience strategy, ensuring alignment with UK and EU regulations and best practices.
Key Responsibilities:
* Act as a key advisor to senior management, providing insights and recommendations to define the organization's operational resilience strategy.
* Collaborate with leadership to ensure that resilience goals align with broader business objectives and regulatory expectations.
* Support the ongoing refinement of the group's operational resilience strategy, ensuring the group is agile and adaptable to evolving threats and opportunities.
* Ensure harmonisation of the operational resilience framework across the organization's global footprint, addressing third-party risk, IT infrastructure, and business-critical functions.
* Ensure consistency in resilience policies and controls across all business units globally.
Resilience Risk Management and Reporting:
* Ensure compliance with UK and EU regulations, including NIS2, DORA, and FCA/PRA guidelines.
* Lead resilience-related second-line risk assessments and collaborate with regulators to demonstrate the organization's commitment to operational resilience and risk management.
* Develop key resilience metrics and provide comprehensive reports to senior management and regulatory bodies on the organization's resilience.
* Propose actionable insights and strategic recommendations to mitigate identified risks and enhance resilience capabilities.
Resilience Controls:
* Provide second-line oversight to the development and management of IT service continuity plans, ensuring that critical systems and applications can recover swiftly from disruptions.
* Align business continuity strategies with IT architecture and service continuity, ensuring that both physical and digital assets are covered.
* Implement resilience controls, including ISO 27001 and ISO 22301, to manage both IT and operational risks effectively.
Testing:
* Design and lead comprehensive resilience testing frameworks, network and application testing, as well as scenario testing.
Incident and Crisis Management:
* Provide second-line oversight for crisis management, ensuring that incident response plans are well-defined and regularly tested.
* Embed major incident management and reporting best practice.
* Support senior leadership during real-time crisis events, ensuring coordination across IT, security, and operations.
Stakeholder Engagement and Training:
* Engage with internal and external stakeholders, including senior management, regulators, and third-party providers, to ensure resilience objectives are well understood and executed.
* Provide training and development to first-line teams, ensuring organizational readiness in business continuity, IT service continuity, and resilience testing.
Essential Skills and Experience:
* Extensive experience in operational resilience, information security, IT audit, or architecture, with a proven track record in shaping resilience strategy.
* Strong knowledge of UK, EU, and international resilience regulations, including NIS2, DORA, FCA, and PRA.
* Experience implementing industry standards such as ISO 27001 and ISO 22301. Expertise in IT service continuity, resilience testing, and integrating resilience frameworks with IT architecture.
* Proven ability to collaborate with senior management to define and execute strategic resilience initiatives.
Preferred Skills and Experience:
* Experience managing resilience across multinational operations with a focus on cross-border IT service continuity.
* A proven track record in developing resilience metrics, conducting risk assessments, and reporting resilience performance.
* Familiarity with third-party risk management and its impact on operational resilience.