Head of Enterprise Incident Management

Company: Truist
Location: Charlotte, NC, USA; Atlanta, GA, USA
Salary: Not Provided
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Senior, Expert or higher

Requirements

  • Bachelor’s degree or equivalent work experience
  • 15+ years of progressive leadership experience in crisis or incident management, enterprise risk, operations, technology, or resilience
  • Expertise in DR/BC frameworks including ISO 22301, National Institute of Standards and Technology (NIST), or Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook (IT Handbook), and Financial Services regulatory standards required
  • Proven ability to lead under pressure with executive presence and sound judgment
  • Deep experience navigating matrixed organizations and aligning stakeholders with competing priorities
  • Skilled in developing and implementing enterprise-wide frameworks, processes, and governance structures
  • Familiarity with regulatory expectations and industry standards for operational and technology resilience
  • Exceptional communicator, capable of briefing executive leadership, boards, and cross-functional partners with clarity and impact
  • Experience in crisis management, business continuity, resiliency, and operational resiliency
  • Experience leading an enterprise incident management program, particularly for a large financial services or multinational firm
  • Excellent written and verbal communication skills with ability to express complex concepts and processes in a straightforward manner
  • Excellent leadership and influence skills
  • Adept with Microsoft Office products

Responsibilities

  • Own the enterprise framework for managing enterprise-level incidents across all categories (technology, cyber, physical, operational, political, etc.)
  • Lead a structured escalation and decision-making process with defined authority thresholds
  • Lead and drive the incident management process, organization, and teams, ensuring alignment with organizational objectives, regulatory requirements and industry best practices
  • Act as an Enterprise Incident Management advocate with business units ensuring business buy-in and facilitating integration of second line policies, standards, and minimum requirements
  • Provide ongoing subject matter expertise on all Enterprise Incident Management regulatory requirements, defining threats, and risk scenarios to provide recommendations on changes or program enhancements required to address such requirements and threats
  • Understand and apply internal policies/procedures, laws and regulations, and manage to regulatory requirements including but not limited to: FFIEC, OCC, FINRA, and Federal Reserve
  • Build and lead a high-performing Enterprise Incident Management team, including seasoned Incident Commanders. Define roles, responsibilities, and coverage to ensure 24/7 response readiness
  • Train, advise, and partner with other teams to identify, prepare for, manage and identify lessons learned from critical incidents and crises through robust standards and processes
  • Drive the socialization, adoption, consistent and appropriate implementation, and ongoing maintenance of the Enterprise Incident Management policies, standards, methods, etc. across the bank
  • Establish strong command and control of an incident, establishing clear accountability/ownership and methodical evaluation of complex issue scenarios
  • Direct incident triage, assessment, and response coordination with clear ownership and accountability
  • Activate enterprise-level response plans and ensure accurate situation reporting to the C-suite and Board when required
  • Oversee the creation and management of crisis response teams, ensuring effective coordination during incidents
  • Act as a central point of contact for all enterprise-wide incidents
  • Manage the escalation, assessment, and resolution of incidents, ensuring the appropriate stakeholders are involved at each stage of the incident lifecycle
  • Oversee incident recovery efforts, ensuring business continuity and the swift resumption of critical operations
  • Serve as internal spokesperson for crisis-related issues when required, ensuring accurate and timely updates to internal stakeholders, senior leaders including the Operating Council
  • Serve as the central coordination point for Technology, Cybersecurity, Corporate Communications, Legal, Physical Security, Privacy, Compliance, Fraud, Financial Crimes, Facilities, and Third-Party Management, and the Business during high-impact events
  • Continuously enhance incident management standards, procedures, and response frameworks
  • Foster strong relationships with line of business, operations, legal, risk, compliance, etc. to ensure a coordinated and effective response to incidents
  • Work with stakeholders and internal business units to establish, provide, and agree on clear goals, objectives, and performance delivery outcomes as well as timelines for Enterprise Incident Management
  • Design and implement a scalable incident management operating model, aligned with the enterprise resilience strategy
  • Develop incident classification models, escalation triggers, and response playbooks to drive repeatable excellence under pressure
  • Build and execute incident management training programs for employees at all levels, including senior management, incident response teams, and key operational groups
  • Participate in, and at times facilitate, crisis simulation exercises to test response protocols and identify gaps in current processes
  • Maintain appropriate Risk Profile through proactively identifying risks and implementing the necessary mitigations where warranted
  • Partner effectively with 2nd line of defense, Audit, and regulators to ensure Risk is identified and mitigated
  • Stay up to date with emerging trends, regulations, and best practices related to enterprise risk and incident management
  • Ensure compliance with relevant regulatory requirements related to crisis management and incident response in the financial services industry
  • Partner with the Head of Continuity Management to ensure seamless alignment across incident response, business continuity, and disaster recovery efforts
  • Jointly oversee readiness exercises and simulation programs
  • Establish enterprise-level KPIs for incident response
  • Lead after-action reviews to extract insights and embed continuous improvement into the program
  • Work closely with senior executives to provide regulator updates on incident management activities, lessons learned, and recommendations for continuous improvement
  • Coordinate the return of structures, systems, and personnel to functional states equal to or better than pre-crisis conditions

Preferred Qualifications

  • Advanced degree strongly preferred (e.g. Master of Business Administration, Risk Management, or relevant master’s degree)
  • 20+ years in senior leadership positions across lines of business, functions, and/or technology in financial services industry
  • Experience developing and enhancing documentation and communications reports using a wide array of information sources and publishing to different audiences, including senior management, corporate risk groups and regulators
  • Adaptable to rapid large-scale changes in business processes and organizational structure
  • Comfortable working in a complex matrix environment with simultaneous responsibility to business line management and department, group and corporate level risk teams
  • Experience presenting to Regulators including but not limited to the Federal Reserve Board (FRB), Office of the Comptroller of the Currency (OCC), and the Federal Deposit Insurance Corporation (FDIC)
  • Industry Certifications including Certified Business Continuity Professional (CBCP), Master Business Continuity Professional (MBCP), Certified Information Systems Security Professional (CISSP), or similar certifications are preferred.