Head of Technology and Cyber Risk – Operational Resilience and Risk Division, Supervisory Risk Specialists (SRS), PRA

The Bank of England is the UK’s central bank. Our mission is to deliver monetary and financial stability for the British people.

As a directorate of the PRA, the Supervisory Risk Specialists (SRS) provides deep technical expertise and applies judgement in specific risk disciplines as part of the PRA’s integrated supervisory approach, in order to identify, analyse and mitigate material risks to the safety and soundness of PRA regulated firms. These material risks can arise within and across firms and from the market environment.


Department Overview


Operational resilience is a strategic priority for the Bank.  The PRA has a strategic goal of embedding operational resilience in regulated firms, to minimise disruption to economic functions causing material risk to financial stability. To achieve this goal, an ambitious programme of work has been developed to ensure that micro (supervisor-led) and macro-prudential (sector-focused) activity is appropriately targeted to ensure that the operational resilience of the UK financial sector is brought within defined tolerances.  The Bank is also a thought leader in international work focused on operational resilience including, and with a particular focus on, cyber risk.


Job description


We are seeking a Head of Technology and Cyber risk to provide capacity at senior level with specialist technical knowledge and experience to supervise the fast-evolving challenges and threats driven by technology change and cyber risk, across PRA regulated firms.

As our operational resilience work moves from strategy development to execution, the Head of Technology and Cyber risk will bring a strong understanding and practical experience of how threats to operational resilience are emerging from challenges firms face in building and maintaining reliable technology estates, through their management of outsourced functions to third parties and from cyber attacks.

An important element of the job is influencing the international agenda on cyber risk through key international groups/fora. The post-holder will also lead the PRA’s engagement with the UK financial sector on technology and cyber risk, for example on sector exercises and through developing tools and approaches which support PRA regulated firms in managing and mitigating the impacts of unexpected IT failure or cyber attack. The post-holder will be responsible for taking forward the Financial Policy Committee’s approach to cyber stress testing.


Number of direct reports: 1 direct report with a team of up to 20


Role Requirements


Minimum Criteria

  • Leadership skills – strong leadership skills with a track record of leading teams, including the ability to create and implement a shared vision and delivery of outcomes.
  • Technical skills – a track record of identifying and managing the challenges and threats arising from technology change, outsourcing and/or cyber risk.
  • Analytical skills – a strong understanding and practical experience of effective problem solving to mitigate these risks.


Essential Criteria

  • Communication skills – ability to produce clear and concise written and verbal communication tailored to the circumstances.
  • Presentation skills – the experience and confidence to represent the Bank at a senior level on international committees and conferences
  • Influencing skills – ability to engage and influence senior stakeholders within the Bank and externally at a senior level with firms and/or other central banks/regulators.
  • Ability to build and develop a diverse team, in terms of life experience and approach.
  • Ability to lead in a manner which is human, humble and in step with the changing world, fostering a kind, inclusive and curious environment for discussion.
  • Able to demonstrate flexibility in resourcing; a track record of proactive, proportionate and effective prioritisation.
  • A track record of delivering change, collaborating with other divisions and making connections between work-streams.


Desirable Criteria

  • Familiarity with prudential regulation and an understanding of the PRA’s supervisory model and approach to operational resilience.
  • Familiarity with the UK official sector’s arrangements to provide leadership to the financial services industry in the event of major operational disruption.
Go Back

Swipe sideways to view more posts!


Loading ...