Head of Cyber Risk and Response

Head of Cyber Risk and Response

As a senior leader in the Non-Financial Risk team, the **Head of Cyber Risk and Response** will work collaboratively to deliver a range of initiatives and activities which drive the transformation of operational resilience across the industries APRA regulates.

The scope of work will include the implementation of strategies and work programs to enable significant uplift in operational resilience practices in APRA's regulated population particularly across Cyber and Technology risk management and ensuring that APRA's supervision activities in this area are effective, appropriately targeted and delivered efficiently.

**The team**

This role is a member of the APRA Leadership Team and the Non-Financial Risk Leadership Team within the Cross-Industry Risk Division (CRD).

The Non-Financial Risk team is responsible for providing identification, insight and supervision strategies for managing non-financial risks including operational resilience at regulated entities and across the financial services system. This includes key risk streams such as Operational Risk, Compliance, Technology and Cyber Security Risk, Climate Risk, Governance, Risk Culture and Conduct, and Accountability and Remuneration practices.

The team plays a critical role to deliver APRA's mandate and corporate plan in partnership with APRA's frontline supervision, cross industry risk and policy teams.

**Key responsibilities
**- **Response** - lead APRA's response to entity and industry-wide cyber and operational incidents including assessing potential incident trajectory, engaging across internal and cross agency teams to assess impacts and determine actions and ensure internal playbooks are fit-for-purpose
- **Deliver Cyber strategy**:

- accountable for cyber resilience uplift activities including;
- APRA's Cyber Program incl CPS234 Remediation oversight
- Guidance and expert support to future policy development in cyber and technology resilience including data risk management
- Understanding and monitoring emerging technology capabilities such as AI
- Working closely across whole-of-government on Cyber strategy outcomes
- **Advice** - bring a dynamic and informed approach to the provision of strategic risk insights and advice to APRA executive leaders on key issues relating to cyber, technology and data risk management
- **People**:

- lead a team of professionals to deliver strategic uplift and core supervision outcomes in a pooled resourcing environment. Foster an inclusive environment that creates a sense of belonging and trust and allows people to actively contribute and reach their full potential
- **Internal collaboration** - working with multiple key internal stakeholders and teams to partner on strategic uplift initiatives and core and ensure needs and requirements are understood and met
- **Stakeholder engagement**:

- develop external networks to support initiatives including government agencies, industry associations and key positions at regulated entities
- **Develop others** - proactively identify and raise continuous improvement opportunities for whole of team efficiencies and effectiveness
- **Contribute to leadership team** - actively contribute to the leadership of Non-Financial Risk team including management of risks, allocation of resources, development of people, prioritisation of activities, management of key relationships and overall team strategy.

**About you**
- Strong leadership and management capabilities, including the ability to organise/motivate others and drive to deadlines
- Demonstrated Leadership in the face of uncertainty and facilitates the understanding of complex circumstances to gain support and agreement
- Experience in the financial services sector in a leadership capacity, with sound understanding of the principles of prudential regulation and financial sector risks
- Excellent organisational, prioritisation, analytical and communication skills
- Relationship building, negotiation and influencing capability at senior level
- Ability to identify strategic issues and develop and implement appropriate solutions
- Strong personal integrity and an intuitive understanding of what is reasonable and prudent business practice
- Ability to establish and maintain sound working relationships with peers, team members and external stakeholders in a professional team environment.

To work with us, you need to be an Australian citizen with eligibility to gain a Baseline Security clearance.

**About APRA**

The Australian Prudential Regulation Authority (APRA) places you at the heart of Australia's financial services industry. APRA serves the Australian community by helping ensure financial institutions deliver on the financial commitments they make, within a stable, efficient and competitive financial system.

At APRA we're committed to providing an inclusive workplace where everyone belongs, feels valued and respected. We aspire to attract and foster diversity of background, thought