Technology and Third-Party Resilience Manager

The Technology and Third-Party Resilience Manager is responsible for ensuring the framework for continuity, integrity, and availability of technology services, with a particular emphasis on i) Important Business Services (IBS) and other critical functions that support HL's operations, and ii) how third-parties can impact this. This role drives the development and implementation of a comprehensive Technology Resilience strategy that aligns with regulatory obligations, operational priorities, and client expectations.

By proactively safeguarding systems and data against technical failures, cyber threats, and other disruptions, the role fosters a culture of resilience and embeds a client-first mindset across all aspects of technology delivery. What you will be doing Accountable for the creation and ownership of the Technology and Third-Party Resilience Framework, Policies, Standards, and controls, aligned to the Operational and Enterprise Risk Management Frameworks (ORMF / ERMF).

Responsible alongside the Accountable Executives for embedding (technology) resilience within Digital and with wider HL risk culture. Drive cross-functional collaboration across Technology and Business teams to embed resilience practices. Working closely with Operational Resilience and engineering teams to oversee the delivery of resilience uplift programmes and vulnerability mitigations. Ensuring capabilities are maintained, tested, and evaluated in line with financial sector standards.

Working with Operational Resilience, responsible for Digital's - a. BCP and BIAs b. BC / DR Scenarios c. Third-Party risk exposures (Concentration, Exit, SPoF, and EoL risks) d. ICARA scenario review e. Wind Down planning, and f. Ensuring IBS and other critical services are understood, considered and protected. g. Own and manage production of DR schedules Identify and communicate risk points, enabling informed decision-making and planning of remediation activities including 3rd party suppliers.

Scale resilience capabilities to meet future business needs, regulatory changes, and technology advancements. Ensuring Business Continuity Plans (BCPs) are complete and effective. Conducts testing of controls and assessments of compliance on a regular basis and / or at the request of Senior management, Executive, Regulatory authorities. Act as a trusted advisor to digital and business teams on technology resilience best practices, including incident response and recovery planning.

Work with Digital Risk, Operational Resilience and Security teams on scenario planning, including Cyber Recovery. Define and own relevant measures and metrics. Provide clear and effective reporting to stakeholders on progress, risks, issues, and opportunities, including regulatory and audit functions. Ability to author Executive and Board level papers. About you Strong track record of executing and embedding a Technology Resilience and Disaster Recovery strategy and framework, including developing and informing governance through policies, standards, controls and processes.

Experience in embedding resilience principles with a focus on Important Business Services (IBS), Third-Party risk management, and private and public cloud-hosted environments. Familiarity with resilience testing tools and approaches. Extensive experience in senior stakeholder management, with the ability to influence, engage, and gain buy-in from executive leadership and cross-functional teams. Excellent communication skills, capable of translating technical concepts for diverse audiences including senior leaders, regulators and auditors.

Experience working with software development and infrastructure teams. Knowledge of Agile methodologies and experience influencing product management priorities in financial services. Strong analytical and problem-solving skills, with a collaborative approach to issue resolution. Proficiency in data visualization and reporting tools. Deep understanding of financial sector regulations and operational resilience requirements (e.g., FCA, PRA, DORA, ISO 22301), and practical experience applying these to IBS.

Interview process The interview process for this role is…