Head of Cyber Strategy

The role

As a senior leader in the Non-Financial Risk team, you will work collaboratively to deliver a range of initiatives and activities which drive the transformation of operational resilience across the industries that APRA regulates. The scope of work will include the implementation of strategies and work programs to enable significant uplift in operational resilience practices in APRA’s regulated population, particularly across Cyber and Technology risk management, and ensuring that APRA’s supervision activities are effective, appropriately targeted and delivered efficiently.

The team

The role is a member of the APRA Leadership Team and the Non-Financial Risk Leadership Team within the Cross-Industry Risk Division (CRD) and will be based in our Sydney office.

The Non-Financial Risk (NFR) team is responsible for providing identification, insight and supervision strategies for managing non-financial risks including operational resilience at regulated entities and across the financial services system. This includes key risk streams such as Operational Risk and Resilience, Technology and Cyber Security Risks and Resilience, Climate Risk, Governance, Risk Culture and Conduct, and Accountability and Remuneration practices.

The NFR team brings specialist risk knowledge and skills to deliver APRA’s mandate and corporate plan in partnership with APRA’s frontline supervision, cross industry risk and policy teams to drive strategic outcomes and support strong prudential oversight across Banking, Superannuation and Insurance.  Each day is different and the team plays a critical role in ensuring that risks are identified and managed leading to more resilient organisations and a stable financial system.

Key responsibilities

• Deliver APRA’s cyber resilience activities uplift including our 2025-2029 Cyber Program, including the development and design of key strategic actions and activities, delivery of key outcomes, and ensure governance and oversight requirements are met;

• Guide and support future policy development in cyber and technology resilience, including appropriate settings for information security controls and data risk management;

• Consider the impact of emerging technology capabilities, such as AI, and changes in the broader environment as potential points of influence on our strategic priorities for Cyber risk;

• Lead a team of professionals to deliver strategic uplift and core supervision outcomes in a pooled resourcing environment;

• Foster an inclusive environment that creates a sense of belonging and trust and allows people to actively contribute and reach their full potential;

• Work with multiple key internal stakeholders and teams to partner on strategic uplift initiatives and core, ensuring that needs and requirements are understood and met;

• Develop external networks to support initiatives including government agencies, industry associations and key positions at regulated entities;

• Proactively identify and raise continuous improvement opportunities for whole of team efficiency and effectiveness to develop team members; and

• Actively contribute to the leadership of Non-Financial Risk team including management of risks, allocation of resources, development of people, prioritisation of activities, management of key relationships and overall team strategy.

About you

• Experience in the financial services sector in a leadership capacity, with sound understanding of the principles of prudential regulation and financial sector risks;

• Leading in the face of uncertainty with the ability to organise and motivate others to meet deadlines, facilitating the understanding of complex circumstances to gain support and agreement;

• Excellent organisational, prioritisation, analytical and communication skills;

• Relationship-building, negotiation and influencing capability at a senior level;

• Ability to identify strategic issues and develop and implement appropriate solutions;

• Strong personal integrity and an intuitive understanding of what is reasonable and prudent business practice;

• Ability to establish and maintain sound working relationships with peers, team members and external stakeholders in a professional team environment; and

• Professional qualifications in a relevant field or equivalent experience in assessing the management of operational resilience, in one or more areas such as organisation & governance, risk management, strategic planning, information security (including cyber), IT operations and service management, project management & application development, data management, business continuity management and disaster recovery, service provision and assurance.

To work with us, you need to be an Australian citizen with eligibility to obtain and maintain Australian Government Security clearance.

About APRA

Australian Prudential Regulation Authority (APRA) was established in 1998 as an independent statutory authority that supervises almost 1,200 financial institutions that manage $8.6 trillion in assets for Australians across the banking, insurance and superannuation sectors. APRA serves the Australian community by helping ensure that financial institutions deliver on the financial commitments they make, with a stable, efficient and competitive financial system.

In overseeing the safety, competitiveness and stability of the financial system, we seek to recruit, develop and retain highly skilled professionals, who want to help shape financial services and protect the financial wellbeing of the Australian community. Our employee base of almost 900 come predominantly from the commercial financial services industry or other government agencies; as such, we have the feel of a small corporate organisation that can work flexibly and with agility.

Why Work for APRA

We recognise the skills, experience and commitment that our staff bring to their professional lives, and we seek to reward them accordingly. We also recognise that for our staff to be able to perform at their best, we need to ensure that they are able to bring their best selves to work. Our commitment to wellbeing is having engaged people supported by resilient leaders within a values-aligned culture.

At APRA, we’re committed to providing an inclusive workplace where everyone belongs, feels valued and respected. We aspire to attract and foster diversity of background, thought, and experience, recognising that a broad range of perspectives, approaches and ideas makes us stronger, and better enables us to meet our obligation to protect the financial wellbeing of the Australian community. If you need any adjustments during the recruitment process, please inform at application stage so we can do our best to accommodate your requirements.