Head: Resilience Risk - Business Banking

Job Summary

• Own and maintain the BB Resilience Risk management approach aligned to the ERMF and ORRMF
• Establish and maintain BB-wide protocols, standards, and guidance to support consistent implementation of Group policies and standards
• Define, document, and communicate an annual Resilience Risk management plan for BB
• Oversee the quality, consistency, and effectiveness of framework application across Business Units
• Provide independent oversight, challenge, and advice on the management of Resilience Risk

Oversee and provide guidance on the effective execution of core Resilience Risk processes, including:

• Risk Appetite articulation and monitoring
• Risk and Issue Classification
• Risk and Control Assessments (RCAs)
• Risk Event and Loss Management
• Issues and Actions Management
• Root Cause Analysis and Lessons Learnt
• Risk Indicators, Metrics, and Thresholds, including early warning indicators across emerging threats
• Scenario Analysis and Capital Assessment
• Management Control Assessment
• Combined Assurance coordination
• Risk technology enablement

Ensure processes are applied consistently, outcomes are robust, and management actions are effective.

• Perform independent monitoring, check and challenge of first line Resilience Risk practices
• Evaluate the completeness and accuracy of BB’s end-to-end Resilience Risk profile
• Proactively identify emerging risks and conduct horizon scanning
• Oversee deep dives, thematic reviews, and lessons learnt exercises for material risks
• Review and challenge remediation plans for adequacy, timeliness, and effectiveness

• Lead BB Scenario Analysis and Capital Assessment processes for Resilience Risk
• Support Business Unit risk teams in executing scenario analysis activities
• Monitor and assess the adequacy and optimisation of Operational Risk capital
• Enable management insight into control effectiveness and risk exposure

• Develop and maintain an annual BB Resilience Risk ongoing monitoring and combined assurance plan, ensuring the Resilience Risk SRTs are appropriately covered in BB combined assurance plans.
• Support the BB Combined Assurance effort by checking and challenging a comprehensive 1st line of defence combined assurance plan and supplementing it with appropriate 2nd line assurance, as part of the overall BB Combined Assurance plan.  
• Coordinate BB combined assurance 2nd line activities in line with Group standards.
• Oversee execution and tracking of assurance activities and outcomes.
• Key liaison with Assurance providers and or regulators across any independent reviews or assurance activity, being conducted in BB across the resilience risk types.
• Participation in BU assurance activities, in line with the combined assurance model and ensuring that independently assessments are performed to evidence the effective implementation and embedment of the ERMF and ORRMF, its associated policies and standards and management of the underlying risks across the organisation
• Assist in ensuring Business readiness for assurance reviews and all relevant regulatory and risk deep dives. Play an active role in the discussion of issues to be reported from assurance reviews, ensuring that issues are valid and factually accurate, and actions are well defined and timed appropriately. 
• Develop and execute, in collaboration with Internal Audit, Group Risk, Group Operational and Resilience Risk, Functions and Compliance, an effective and efficient methodology/working model for combined assurance (assurance and conformance assessment) of operational and resilience risk practices against the framework, policies and standards.
• To achieve the required 2LoD assurance responsibilities, perform conformance reviews to provide assurance that Resilience risk frameworks, policies and standards are effectively implemented and embedded within the BU, and perform discretionary control testing, in accordance with the Assurance Standard.
• Perform independent risk-based assurance where required

• Define and communicate BB Resilience Risk reporting requirements
• Review, validate, and challenge risk data and management information
• Prepare high-quality Resilience Risk reports for BB and Group governance forums
• Provide insight, interpretation, and analytics to senior management
• Oversee adherence to Risk Data Aggregation and Risk Reporting (RDARR) standards
• Support regulatory and external reporting where required

• Establish effective engagement models between BB, Group Risk, and functional stakeholders
• Coordinate BB input into Group Resilience Risk initiatives and transformation programmes
• Provide expert advice to Business Units on their Resilience Risk profiles
• Support risk capability uplift through training, awareness, and guidance
• Represent BB in relevant internal and external risk forums

• Oversee the implementation and effective use of Group-mandated risk technologies
• Act as custodian of BB Resilience Risk data within risk systems
• Monitor data quality, completeness, and appropriate system usage
• Support the implementation of bespoke or enhanced risk technology solutions where applicable

• Oversee Resilience Risk-related change initiatives within BB
• Monitor performance metrics, trends, and delivery of risk change programmes
• Enable effective adoption of people, process, and technology changes
• Assess and coordinate implementation of regulatory change impacting Resilience Risk

• Manage the team responsible for 2nd line Risk oversight over the Technology and Cyber Function for BB
• Build an engaged, capable, and high-performing Resilience Risk team
• Foster a strong risk culture aligned to organisational values

• Set clear performance expectations and develop team capability, including adequate succession planning.

• Bachelor’s Degree in IT, Information Systems, Risk Management, or related discipline
• Postgraduate qualifications advantageous
• Minimum 10 years’ experience in Resilience risk types of primarily Technology, Information Security and Cyber risk, Data and Records Management risk and Change risk
  • At least 5 years’ experience at an Executive leadership level
• Strong knowledge of IT Risk, resilience risk, and relevant ISO/industry standards and regulatory frameworks and requirements
• Experience in risk governance, senior management forums, and assurance activities
• Third party risk, Change management and Business Continuity experience advantageous
• IT Audit exposure advantageous
• Professional memberships advantageous

• Independent judgement and strong personal accountability
• Influential, confident, and able to challenge constructively
• Excellent verbal and written communication skills
• Strategic thinker with ability to engage at a detailed level
• High emotional intelligence and stakeholder management capability
• Curious, innovative, and future-focused
• Resilient, adaptable, and values-driven
• Thought leadership and ability to articulate technical acumen into simplified business language.

Education

Absa Bank Limited is an equal opportunity, affirmative action employer. In compliance with the Employment Equity Act 55 of 1998, preference will be given to suitable candidates from designated groups whose appointments will contribute towards achievement of equitable demographic representation of our workforce profile and add to the diversity of the Bank.

Absa Bank Limited reserves the right not to make an appointment to the post as advertised