Head of Operational Resilience, Business Continuity and Third Party

Our Risk and Compliance function has a critical role to play in supporting, challenging, and advising across all areas of the business through establishing policy, monitoring profiles, and identifying and managing forward-looking risk and compliance. We focus on creating an environment that encourages our people to speak up and do the right thing, as well as protecting our customers, the organization, and the integrity of the financial markets in which we operate. Already an industry-leader in many respects, we want to continue setting standards and evolving to respond to strategic changes. We are currently seeking an experienced individual to join this Global Enterprise Risk Management (ERM) team in the role of Head of Operational Resilience (Business Continuity and Third-Party Risk). You will be responsible for overseeing operational resilience, business continuity, third party risk and data risk across HSBC UK including WPB and CMB, providing independent oversight, technical advice, and leadership to ensure the entities IT infrastructure and services are resilient, secure, and compliant with regulatory standards ensuring risks are managed within appetite. Global Enterprise Risk Management (ERM) is a sub function of Group Risk and Compliance. Its purpose is to make sure HSBC understands and effectively controls its non-financial risk position, through end-to-end oversight of processes, risks, and controls and by robust stewardship of the bank's risk appetite to comply with risk, business and regulatory priorities. It seeks to strengthen the risk culture across the organization through the application of effective policies and frameworks that drive consistent risk management practices across our businesses and functions at global, regional and market level. In this role, you will:

• Provide subject matter expertise advice and guidance as the primary point of contact for business continuity and third-party risk inquiries. You will also provide expert consultation and actionable insights to senior management and other stakeholders on risk-related matters.
• Lead comprehensive oversight reviews of the bank's risk and control environment concerning operational resilience and third-party management.
• Conduct periodic assessments and provide constructive challenge to identify gaps and enhance risk mitigation strategies. You will so Develop, own, and regularly update policies, frameworks, and standards related to operational resilience, business continuity and third-party risk management.
• Collaborate with senior leadership and cross-functional teams to foster a culture of risk awareness and resilience throughout the organization.
  
  Be a SME in risk management, with a focus on operational resilience, business continuity and third-party risk management in the banking or financial services sector.
• Expertise in risk management methodologies and tools to identify, assess, and manage resilience risks effectively.
• Experience in conducting risk assessments, developing risk management strategies, and overseeing the implementation of risk frameworks.
• Proficiency in developing and testing business continuity and disaster recovery plans to maintain IT service availability.
• Extensive knowledge of regulatory requirements and compliance standards in the banking industry relevant to operational resilience, business continuity and data risk such as ISO 22301 for business continuity and ISO 31000 for risk management.
The base location for this role is Birmingham/Sheffield/Edinburgh and with a hybrid working pattern.

Being open to different points of view is important for our business and the communities we serve. At HSBC, we're dedicated to creating diverse and inclusive workplaces. Our recruitment processes are accessible to everyone - no matter their gender, ethnicity, disability, religion, sexual orientation, or age.

As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.