Crisis & Incident Management Lead – Operational Resilience - Vice President

SummaryThe VP, Crisis & Incident Management Lead is responsible for the strategic leadership and operational execution of the Bank’s crisis and incident management program across the Americas. As part of the Operational Resilience team, this individual will ensure that the bank can effectively prepare for, respond to, and recover from a broad range of disruption scenarios, including:Technology and cyber incidentsThird-party or supply chain failuresNatural disasters (e.g., hurricanes, earthquakes, wildfires)Manmade disruptions (e.g., civil unrest, mass transit outages, workplace violence)Geopolitical events (e.g., war, political instability, sanctions-triggered disruptions)Pandemic or public health crisesInfrastructure outages (e.g., power, telecommunications, water supply)The role will build a resilient culture through a proactive, risk-informed approach that integrates cross-functional crisis response, regulatory compliance, real-time command and control, and continuous improvement. The VP will serve as a senior escalation point for major incidents, lead the regional crisis response for significant incidents, and escalate where needed to the firmwide crisis governance forums.The role reports directly to the Head of Resilience Management for the Americas and works closely with stakeholders across Technology, Risk, Cybersecurity, Legal, Communications, and Regulatory Affairs to embed a culture of resilience and readiness.Key ResponsibilitiesStrategic LeadershipDevelop and lead a crisis and incident management strategy aligned to the bank’s operational resilience framework and key business services.Translate regulatory expectations (e.g., FFIEC, DORA, OCC, PRA) into actionable, risk-informed response strategies.Establish and manage governance forums and escalation protocols for crisis and incident oversight.Support the definition and testing of impact tolerances and maximum tolerable downtimes (MTD/MTLD) in partnership with Operational Resiliency Testing Lead, Business, and Technology stakeholders. Incident Response and Crisis ManagementAct as the lead coordinator during regional crises, ensuring structured, timely, and effective command, control, and communications.Maintain and continuously improve incident response plans, escalation playbooks, crisis decision trees, and communication protocols.Ensure that major incidents—including those involving third parties and cyber events—are managed in line with regulatory requirements.Integrate internal communications tools and channels into a unified communications strategy.Maintain and operate an auditable major incident log, with clear decision documentation, timelines, and actions taken.Process and Technology OptimizationDrive optimization of incident response processes using data analytics, metrics and automation opportunities.Ensure response tooling (e.g., incident management platforms, emergency notifications) is current, well-trained on, and continuously improved.Partner with Cyber, Technology, and Ops teams to align response processes and eliminate gaps in cross-domain coordination.Regulatory Compliance and Audit ReadinessEnsure full compliance with FFIEC, DORA, OCC, PRALead regulatory and internal/external audit preparation, ensuring crisis and incident management capabilities are evidenced through documentation, logs, post-incident reviews, and impact tolerance testing results.Integrate third-party and cyber risk response coordination into incident response playbooks, ensuring vendor engagement and joint response capabilities are embedded and tested.Conduct formal Root Cause Analysis (RCA) and post-incident reviews, identifying systemic issues and implementing corrective actions.Team Leadership and DevelopmentLead and mentor a high-performing team of crisis and incident managers, driving a culture of excellence, continuous learning, and cross-functional collaboration.Develop training programs for crisis response teams and executive stakeholders, including annual crisis simulations, tabletop exercises, and cross-jurisdictional response testing.Support team growth, succession planning, and skills development to future-proof the bank’s resilience capabilities.Core CompetenciesCrisis LeadershipDemonstrated ability to lead complex incident response efforts across business, technology, cyber, and third-party domains.Ability to manage multiple initiatives simultaneously, determine prioritization, and work under minimal supervision.Strategic VisionAbility to define and execute crisis and incident management programs aligned with regulatory and business objectives.Ability to work at both a strategic and tactical level, focusing on the broader picture while driving execution.Regulatory AcumenDeep understanding of financial compliance requirements and regulatory frameworks, including FFIEC, DORA, PRA and OCC.Operational DisciplineSkilled in developing response processes that are scalable, measurable, and auditable.Influence & CommunicationStrong ability to engage and influence executive leadership and cross-functional teams under pressure.Continuous ImprovementEmbeds lessons learned, metrics, and feedback loops into the resilience lifecycle.Soft Skills & LeadershipStrong leadership and project management skills.Excellent communication and stakeholder management skills, with the ability to influence technical and non-technical teams.Analytical mindset with a proactive approach to problem-solving and risk mitigation.Ability to thrive in a fast-paced, high-stakes environment with competing prioritiesComfortable working in a highly global, diverse, and hybrid (office and virtual) work environmentStrong communication and documentation skills. Experience EssentialMinimum 10+ years of experience in crisis/incident management, operational resilience, or business continuity.Experience leading cross-border incident response and regulatory engagementExperience DesirableAt least 3 years of experience in a senior leadership role within the banking or financial services industry.Education EssentialBachelor’s degree in Risk Management, Information Technology, Business Continuity, or a related field.Education DesirableAdvanced degree (MBA, MS) is strongly preferred.Relevant industry certifications (CBCP, MBCI, CRISC, CISM, ITIL, or Certified Incident Manager) are strongly preferred.Required SkillsTechnical Knowledge: Strong knowledge with incident management technologies such as notification tools, risk intelligence and analysis, etc.Incident Management Frameworks: Deep understanding of frameworks such as NIST, FFIEC, DORA, PRA, OCC, etc.Policy and Procedure Development: Proficiency in drafting and enforcing policies, procedures, and playbooks.Desired SkillsAutomation and AI-based incident response triggersAdvanced dashboarding and incident trend analysis