Executive Director, Operational Resilience

Sumitomo Mitsui Banking Corporation•City of White Plains, NY

40d•$188,000 - $235,000•Hybrid

About The Position

The Executive Director of Third-Party Operational Resilience is responsible for the implementation, and maintenance of SMBC America’s Division's Operational Resilience framework with a focus on Third Parties. This position will also contribute along the Operational Resilience Lifecycle which includes identifying of Important Business Services, creating process maps, identifying critical applications and third parties, scenario testing and metrics monitoring. Responsibilities of the Department include developing resilience strategies, policies, and framework specific to SMBC that reflect changes to the environment and business operations; delivering business analytics and reporting, monitoring, and analyzing key risk and control indicators. The Operational Resilience team is accountable for (1) identifying all SMBC Americas Division (AD) Important Business Services, (2) create end-to-end process mapping and identify underlying people, technology and third-party assets associated with delivering the service, (3) test all Important Business Services (IBS) and (4) create Service Playbooks for each IBS on how to deliver the service in a crisis. This role will focus on all third-party attributes and ensure alignment with the overall Operational Resilience program.

Requirements

10+ years of experience in third-party risk management, preferably financial services.
Knowledge of core competencies across the 4 Pillars of Operational Resilience (1.) Business Resilience, (2.) Technology Resilience, (3.) Third Party Resilience, and (4.) Cyber Resilience.
Experience creating policy, procedure, and playbook documents. The ability to define problems, collect relevant information, and draw insightful conclusions.
Demonstrated success building or maturing a third-party risk function.
Strong communication, interpersonal, problem solving, organizational and time management skills.
Familiarity with operational risk and enterprise risk management best-practices and controls.

Responsibilities

Lead and develop the Third-Party Program within the Operational Resilience Operational Resilience Office.
Determine which qualitative/quantitative metrics and establish data collection protocols, validation data quality and develop comprehensive reporting tracking supplier remediation process, status, and actions. Develop and report comprehensive risk appetite metrics and Key Risk Indicators (KRIs) to monitor Critical third parties to management.
Collaborate with Business Owners to create contingency plans and exit strategies for the Firm’s most critical vendors.
Respond to internal and external audits, exams and requests for information.
Support the understanding of where third-party relationships exist, the services they provide, ability to recover, recovery alignment to service level recovery, interconnectedness of third parties, and review of their alignment to the Important Business Service.
Complete annual validations of all business continuity/disaster recovery plans for critical third parties to assure proper recoverability of the third-party.
Participate in post-incident reviews of all incidents related to the Firm’s critical third parties.
Proficiency in risk assessment methodologies, risk scoring models, concentration risk analysis, and fourth-party risk management.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume