Head of Business Continuity and Resilience

Chubb is seeking a senior leader to head business continuity and resilience across Asia Pacific, spanning both General Insurance and Life operations. This role is focused on the continuity of business operations — ensuring Chubb can prepare for, respond to, and recover from disruptions to its people, processes, facilities, and other key dependencies across the region.

The role holds end-to-end accountability for business continuity capability across all APAC markets: implementation of the global business continuity program, regional governance, programme readiness, crisis and incident response, regional business continuity team leadership, and regulatory compliance. Technology risk, cyber security, IT resilience, physical security, and facilities are managed by separate functions; this role works alongside them but does not own them.

It requires someone who can engage at the executive level on business continuity programme maturity and resilience needs, while executes day-to-day requirements and leads the response when it matters. This is not a role for someone who governs from a distance.

Strategic Leadership

• Oversee and coordinate all regional (GI and Life) business continuity efforts
• Serves as the regional lead for global business continuity programme – drive completion of annual global business continuity program deliverables
• Successfully implement all global, regional, country, and local business continuity requirements and initiatives
• Lead the APAC business continuity team — set direction, manage performance, develop capability, and hold accountability for programme quality across all markets
• Serve as the ambassador for business continuity to local stakeholders and leadership - provides expert guidance to country business continuity leads and senior management; serve as the primary escalation point for all significant operational incidents and crises in the region
• Engage APAC regional leadership, country CEOs, and risk committees directly on programme maturity, material risk, and development deliverables

Governance and Programme Rigour

• Establish and maintain regional governance frameworks for business continuity and resilience across all APAC entities
• Oversee the development, implementation, and regular review of business continuity and incident management plans — ensuring they are operationally credible, not just documented
• Ensure robust business impact analyses and risk assessments are conducted, reviewed, and kept current across all in-scope markets
• Maintain a clear view of business continuity and resilience maturity across the region; identify gaps, prioritise remediation, and track progress with discipline
• Oversee business continuity obligations for critical third parties and outsourced arrangements, focused on operational continuity rather than technology or security requirements (which are managed separately)

Risk Mitigation and Recovery

• Lead the identification and review of key business processes and dependencies
• Ensure business continuity plans address recovery strategies for all process dependencies – ensure effective mitigation are in place. Documentation should be challenged for robustness, not accepted at face value
• Liaise with the Technology Risk and IT functions on IT disaster recovery where it intersects with business process continuity; this role does not own IT DR but must ensure the interface is well-managed

Testing and Exercising

• Direct the design and personally lead crisis simulations and tabletop exercises — including executive and board-level scenarios — not just coordinate them
• Ensure recovery testing for critical business processes is completed on schedule and produces results that are meaningful rather than compliant on paper
• Review and approve test findings; produce frank recommendations and track remediation through to closure
• Progressively raise the complexity and realism of exercises as programme maturity improves

Incident and Crisis Response

• Act as the regional crisis leader during major operational incidents — coordinating response and recovery across country teams and executive stakeholders, available and decisive when it counts
• Provide real-time situational awareness and decision support to leadership during active incidents
• Ensure communications to all relevant parties during incidents are timely, accurate, and calibrated to audience
• Lead post-incident reviews; ensure lessons are honestly captured and embedded into programme improvements, not filed and forgotten
• Coordinate with Global Crisis Management Teams and the Global Security Operations Center (GSOC) as necessary and appropriate

Training, Awareness, and Culture

• Champion a genuine culture of resilience across the region — not just policy compliance but real preparedness mindset at the country level
• Design and deliver targeted training and awareness programmes; ensure staff and leadership at all levels understand their role in a continuity event
• Engage executive and country leadership to proactively build business continuity and resilience ownership within their remit
• Keep countries informed of changes to business continuity policies, standards, and best practices

Compliance and Reporting

• Ensure regional compliance with applicable local regulations and global operational resilience standards across all APAC jurisdictions; stay ahead of evolving requirements
• Represent Chubb in regulatory engagements where required
• Maintain audit-ready documentation — continuity plans, risk assessments, test results, and incident records
• Prepare clear, accurate reports for senior management and regulatory bodies; provide the regional executive with a frank view of programme status

Continuous Improvement

• Monitor global and regional trends, emerging operational threats, and industry best practice; bring insights back into the programme proactively
• Solicit structured feedback from country teams and stakeholders to assess programme effectiveness; act on it
• Drive ongoing programme maturity uplift through structured governance cadences, KPI frameworks, and independent assurance reviews

• Minimum 8-10 years in business continuity, crisis management, or operational resilience, with at least 3 years in a regional or head-of-function capacity
• Demonstrated experience leading business continuity and resilience programmes across multiple countries and entities — ideally within insurance or financial services
• Track record of personally leading crisis simulations and managing real incident responses, not just overseeing others
• Strong knowledge of business continuity and operational resilience frameworks and standards (ISO 22301, BCI Good Practice Guidelines) and the APAC regulatory landscape
• Proven ability to engage and influence executive leadership and cross-functional teams across diverse geographies and cultures
• Experience managing business continuity obligations for critical third parties and outsourced arrangements
• People leadership experience — managing teams, developing talent, holding performance accountability
• Excellent written and verbal communication skills; able to translate complex risk topics into clear executive outputs
• Collaborative, culturally sensitive, and effective working across diverse teams and markets
• Fluent in English; Mandarin an advantage given regional operating context
• Willing to travel across the APAC region as required

Preferred

• Professional certification: CBCP, MBCI, or equivalent
• Experience with Fusion Risk Management or equivalent GRC/BCM platform
• Proficiency in Power BI or equivalent data visualisation tools for resilience reporting
• Working familiarity with IT disaster recovery concepts sufficient to manage the interface with technology teams effectively
• Background in insurance (GI or Life) strongly preferred

Out of Scope

• Technology risk and cyber security strategy
• Vulnerability management and security operations
• IT disaster recovery ownership and technical execution
• Physical security strategy, operations, and incident response
• Facilities management and workplace services
• Technology resilience architecture and engineering

What We're Looking For

The right person for this role leads from the front. They are as comfortable facilitating a board-level crisis simulation as they are reviewing business continuity plans for operational credibility. They hold the programme to a high standard, know when plans are real versus decorative, and do not accept compliant on paper as good enough.

Culturally fluent, credible with executives, and calm under pressure. This is a role for someone who has genuinely been tested in a crisis and performed.