BCM & Third Parties Resilience Officer (Banking)

SSC Egypt

1. Assist as necessary in the implementation/periodic updates of the bank s business continuity management plans and all related logistics with relevant stakeholders to provide required support and coordination and ensure proper maintenance of different bank-wide plans on the BCM system.

2. Review and approve Business Impact Analysis, and Recovery Plans on the BCM system within the agreed SLAs.

3. Support in the preparation for IT DR drills and act as a focal point between IT and Business teams

4. Set the annual testing calendar for all the bank s areas in alignment with the Business Continuity approved plan, coordinate any business continuity testing related tasks and analyze the results to ensure closure of pending issues with relevant stakeholders. And participate in the preparation & planning for crisis simulation exercises, to ensure the effectiveness of organization recovery in case of any disruptions.

5. Coordinate the establishment, regular inventory, and ongoing health checks of the bank s alternate sites to ensure effective recovery throughout any disruptions.

6. Provide on-call support for any emergency that may require activation of business continuity plans and/or alternate sites and report the situation updates as necessary to the Continuity & Resilience Management and therefore ensuring timely reporting and smooth communication between BCM and response team in presence of disruption.

7. Administer and maintain the BCM system and tracking of different tasks and required BIAs, and Plans approvals.

8. Prepare and extract different reports and dashboards, addressing functions and processes criticality assessments as well as resources requested by the business areas to ensure the continuation of critical processes. These reports and records support the business continuity planning in general and alternate site preparation in specific.

9. Participate in the third parties relationship cycle from initiation phase and throughout the contracting phase through assessing the critical services to ensure that Security & Business Continuity requirements are advised and implemented, and maintain an inclusive inventory for sole vendors providing critical services and ensure that a contingency plan for the service they provide is in place.

10. Perform on-going assessment of the critical outsourced activities to ensure full alignment with the bank s Security & Resilience Program and other relevant policies, and recommend the proper security controls to be applied by the bank according to the nature of the third party engagement and consult the relevant subject matter expert from security team where needed to ensure that the risks resulting from the relationship are minimized.

11. Review the Business Continuity Plans of critical vendors and outsourced service providers and ensure they are tested and updated as per the agreed upon frequencies, and ensure that test results are meeting an acceptable success rate, and that any findings are addressed by the third party to guarantee the plans are adequate to continue the critical services provided to the bank.

12. Conduct off-site visits for Critical Vendors and outsourced service providers to make sure security controls and business continuity arrangements mentioned in their Business Continuity/Disaster Recovery Plans are in place and attend Business Continuity tests/exercises conducted by Vendors / Service Providers to ensure adequacy of their Business Continuity Plans and measures.

Policies, Processes and Procedures:

13. Follow all relevant department policies, processes, standard operating procedures and instructions so that work is carried out in a controlled and consistent manner.

Day-to-day Operations:

14. Follow the day-to-day operations related to own jobs in the Business Continuity Management department to ensure continuity of work.

Compliance:

15. Comply with all relevant CBE regulations, banking laws, AML regulations and internal bank policies and code of conduct in order to maintain the bank's sound legal position and mitigate any potential risks.