
Business Resilience Manager at Davies
Davies · London, United Kingdom · Onsite
- Senior
- Optional office in London
A key focus of this role is the oversight and assurance of third-party relationships, with particular emphasis on technology and critical service providers, including enterprise-level agreements with leading market vendors. This encompasses assessing and managing resilience and security risks within the supply chain, driving improvements in third-party governance, and ensuring compliance with regulatory and market standards.
The Business Resilience Manager is also responsible for coordinating and delivering timely, accurate risk reporting for both internal governance and external regulatory purposes. This includes providing regular updates to senior management and relevant boards on the state of operational resilience, key risks, incidents, and the effectiveness of continuity and third-party assurance artefacts, enabling informed decision-making and compliance with all regulatory requirements.
Additionally, the role supports the definition and execution of scenario tests with third-party providers and syndicates, ensuring preparedness for a wide range of disruption events and validating the effectiveness of continuity and resilience measures under adverse conditions.
Your New Role
- Design, manage, and continuously improve Asta’s Business Resilience and Business Continuity frameworks, working closely with internal stakeholders and clients to identify important business services, map resources, set impact tolerances, and embed/update business continuity plans and assessments.
- Develop, deliver, and oversee business resilience testing plans in collaboration with client IT and Asta IT to address technology risks, ensuring adherence to testing schedules and remediation of gaps identified in tests, incidents, and audits.
- Maintain and execute crisis management and incident response procedures in alignment with Business Resilience and Business Continuity requirements.
- Ensure compliance of all Business Resilience frameworks with UK and international regulations, preparing timely reports and updates including annual self-assessments for Boards and Committees.
- Design, manage, and enhance Asta’s third-party governance and risk management framework, ensuring regulatory compliance, collaboration across key functions, and maintaining a third-party risk taxonomy and classification framework.
- Oversee the end-to-end lifecycle of third-party relationships, including risk assessment, due diligence, contract oversight, ongoing monitoring, and change management, working with relevant stakeholders and suppliers.
- Lead regulatory and internal reporting on third-party risks and incident management, coordinating with internal controls such as Internal Audit and Risk, and overseeing third-party exit and decommissioning processes.
- Monitor industry developments and best practices to provide ongoing guidance and education to clients and internal teams on business resilience, business continuity, and third-party management, while fostering team development and acting as a subject matter expert.
- Prepare and present comprehensive reports on business resilience and third-party governance, risk, and performance to Boards, Committees, and senior leadership, ensuring thorough documentation for audit readiness and knowledge sharing.
- Plan, develop and execute scenario tests across a range of test components including Cyber, Destructive Ransomware and Third Party. Facilitate the development of clients’ annual test plans and monitor execution and results to drive continuous improvement and increase test sophistication over time.
What You'll Bring to the Role
- Strong collaboration skills, including listening and working effectively with internal Asta teams and clients.
- Confident and effective in advising and briefing at all levels, including C-Suite client stakeholders.
- Able to persuade others to provide information and meet deadlines.
- Self-starter; able to display initiative and work with autonomy to become the expert within the organisation.
- Can adapt rapidly to changing priorities and work well in fast-paced situations.
- Calm under pressure, with the ability to work quickly and effectively, especially in periods of crisis management.
- In-depth understanding of business resilience frameworks, including industry standards and regulatory requirements such as the FCA and PRA Operational Resilience Policy (PS21/3 and SS1/21), Outsourcing and Third Party Risk Management (SS2/21), and current best practices, demonstrating the ability to design, implement, and continuously improve integrated resilience approaches that go beyond traditional business continuity models.
- Strong knowledge of business continuity planning, incident/crisis management, and disaster recovery, with proven ability to maintain, test, and execute response strategies across diverse operational scenarios and business functions.
- Substantial experience in the management, oversight, and governance of third-party suppliers and outsourced service providers, including regulatory compliance with FCA and PRA rules, risk assessment, due diligence, contract management, lifecycle oversight, and exit/decommissioning of critical and important arrangements.
- Expertise in developing and remediating business resilience test plans, working closely with IT, technology partners, and cross-functional teams to address technology risk, supplier dependencies, and process vulnerabilities.
- Demonstrable competence in regulatory, Board, and internal risk reporting, including ensuring timely completion of FCA and PRA notifications, contributing to annual self-assessments, executive summaries, and comprehensive documentation for audit, governance, and knowledge transfer purposes.
- Awareness of the unique operational and regulatory practices within the Lloyd’s market, particularly its interaction with central services (desirable).
- Ability to monitor and interpret industry developments and emerging risks, providing up-to-date guidance and training on business resilience, business continuity, and third-party management.
- Sound understanding of risk management frameworks, risk taxonomy, and risk control processes, including incident and issue management, control assurance, and reporting on supply chain risks.
Benefits
Join us and enjoy our ever-evolving benefits, including but not limited to:
- Reward platform – discounts for over 800 retailers
- 25 days holiday (rising with service)
- Well-being centre
- Recognition programme
- Family friendly employer
- Pension - company contribution at 10%
- Life Assurance (10 x basic salary)
- Private medical with an annual health check
- Development, training, and professional qualification
- Employee volunteering programme