Prudential's purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact on the business, and we support our people's career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.
Job Title
Senior Manager, Business Continuity & Operational Resilience
Location: Kuala Lumpur
Employment Type: Full-Time
Job Purpose
The Senior Manager, Business Continuity & Operational Resilience is accountable for establishing, governing, and continuously strengthening the organisation's enterprise-wide Business Continuity Management (BCM) and Operational Resilience capabilities.
This role ensures the organisation can continue critical business services, protect customers and stakeholders, and meet Bank Negara Malaysia (BNM) regulatory requirements during operational disruptions. The role provides strategic leadership, regulatory assurance, and credible challenge to senior management, covering resilience across people, processes, technology, facilities, data, and third-party arrangements.
Key Responsibilities
1. Enterprise BCM & Operational Resilience Framework
- Lead the design, implementation, governance, and continuous enhancement of the enterprise BCM and Operational Resilience framework, in line with BNM policy requirements, Prudential Group standards, and industry best practice.
- Establish and maintain enterprise-wide policies, standards, roles, escalation mechanisms, and minimum resilience expectations across business units, subsidiaries, and outsourced arrangements.
- Embed BCM and operational resilience requirements into business strategy, change initiatives, and risk management processes.
- Govern and develop the enterprise BC Coordinator network, including standards, training, quality assurance, and readiness uplift.
- Develop and execute an annual enterprise BCM and resilience training programme, including role-based training, simulations, and tabletop exercises.
2. Business Impact Analysis (BIA) & Critical Business Services
- Oversee enterprise-wide Business Impact Analysis (BIA) activities to identify:
  - Critical and important business services
  - Customer, financial, operational, reputational, and regulatory impacts
  - MTPD, RTO, and RPO requirements
- Ensure BIAs are consistent, risk-based, auditable, and regularly refreshed.
- Establish an enterprise methodology for identifying critical services, assessing criticality, and managing annual refresh cycles.
- Ensure each critical or important business service has:
  - A named service owner
  - Documented end-to-end dependencies
  - Approved resilience tolerances and recovery strategies
- Validate that recovery strategies align with BNM disruption tolerances and internal risk appetite.
3. Operational Resilience & Scenario Testing
- Lead the identification of Important Business Services (IBS) from a customer and financial system perspective.
- Design and execute severe-but-plausible scenario testing, including:
  - Technology and cyber disruptions
  - Facilities unavailability
  - Workforce disruptions
  - Third-party / outsourcing failures
  - Prolonged system outages and data integrity incidents
- Own the enterprise annual BCM, crisis management, and DR testing plan for critical systems.
- Partner with Technology to review and challenge disaster recovery (DR) strategies and test outcomes, including retesting where required.
- Maintain an enterprise resilience issues register, driving accountable remediation and senior management oversight.
- Ensure testing results lead to tangible and sustainable resilience improvements, not only lessons learned.
4. Crisis Management & Incident Response
- Act as key advisor and secretariat to the Crisis Management Team (CMT).
- Provide guidance during major operational disruptions, including prolonged system outages and material incidents.
- Coordinate post-incident reviews to ensure:
  - Root causes are identified
  - Control gaps are addressed
  - Lessons learned are embedded into policies, procedures, and testing
5. Regulatory Compliance, Audit & Assurance
- Ensure compliance with BNM requirements and Prudential Group policies across:
  - Business Continuity Management
  - Operational Risk
  - Outsourcing and Third-Party Risk
  - Technology and Cyber Resilience (where applicable)
- Serve as the primary point of contact for BNM engagements, regulatory reviews, thematic inspections, and audits related to BCM and resilience.
- Lead regulatory submissions, supervisory responses, and audit issue remediation, ensuring timely and sustainable closure.
- Monitor emerging regulatory developments and advise management on impact and readiness.
6. Governance, Reporting & Authority
- Act as the enterprise BCM and Operational Resilience subject matter authority, approving methodologies and setting minimum standards.
- Provide regular management and Board-level reporting on BCM maturity, testing outcomes, material incidents, and remediation status.
- Establish and maintain clear enterprise RACI and coordination mechanisms across service owners, BC coordinators, and corporate functions.
7. Outsourcing, Third-Party & Technology Resilience
- Oversee BCM and resilience requirements across outsourced and third-party arrangements, including critical service providers, technology vendors, and facilities partners.
- Partner with Technology, Cyber Security, Procurement, Vendor Management, and Risk teams to:
  - Assess third-party recovery capabilities
  - Identify and mitigate concentration and single-point-of-failure risks
  - Ensure contractual BCM and testing obligations are established and evidenced
- Review and challenge resilience assumptions between internal dependencies and vendor recovery capabilities.
8. Senior Stakeholder & Board Engagement
- Act as a trusted advisor to senior management, risk committees, and Board forums on BCM and Operational Resilience matters.
- Deliver clear, concise, and risk-focused insights, highlighting customer, financial, and regulatory impacts.
- Influence senior leaders to drive accountability, ownership, and timely remediation across functions.
9. People Leadership & Capability Building
- Lead, coach, and develop BCM and resilience resources.
- Build organisation-wide resilience awareness through training, simulations, and crisis exercises.
- Foster a strong resilience culture aligned with regulatory expectations and organisational values.
10. Resilience MI, Reporting & Insights
- Develop and maintain enterprise resilience dashboards, covering coverage, testing outcomes, issues, and service readiness.
- Ensure MI is aligned to Group and local expectations, with clear trends and executive-level actions.
Qualifications & Experience
Mandatory
- Bachelor's degree in Business, Risk Management, Finance, IT, or related discipline
- 8-12+ years of experience in BCM, Operational Resilience, Operational Risk, or Technology Risk within a BNM-regulated financial institution
- Proven experience engaging with BNM, auditors, and senior management
- Demonstrated track record leading enterprise BCM and resilience programmes, including regulatory and audit remediation
Preferred
- Experience in Second Line of Defence (2LOD) roles
- Professional certifications (e.g. MBCI, CBCI, CBCP, EDRP)
- Exposure to ISO 22301 / operational resilience frameworks
- Experience with BCM, resilience, or GRC platforms
Skills & Personal Attributes
- Strong understanding of BNM regulatory expectations
- Excellent stakeholder management and influencing skills
- Clear and confident senior-level communicator
- Strong analytical judgement and decision-making under pressure
- High integrity, professionalism, and accountability
Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.