Sr Lead, Cyber Security - Risk and Controls (Finance)

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.

Northern Trust Technology Risk & Control function is responsible for enabling Global Information Technology to build a strong 1st Line of Defense, foster a control aware culture, deliver compliant and secure technology capabilities, protect customers and meet regulatory requirements. The Lead Risk and Control Officer is part of the InfoSec Control Officer Team, responsible for leading and supporting risk and control assessments for core cyber security domains, performing security testing, and evaluating compliance to information security policies and procedures and regulatory requirements. The role will work directly with cybersecurity, Infrastructure and business units teams providing guidance to implement defense-in-depth controls to protect Northern Trust and the customers. As well as work with a dynamic team and contribute to the overall cyber security of the firm.

Major Duties include but not limited to:

• Advise and support risk and control assessments for core cyber security domains

• Lead remediation of cyber security findings from various sources

• Solves problems and timely management of open risk and control gaps

• Support the development and maintenance of cyber security standards in line with industry best practices, as well as support technical engagements around security threats & vulnerabilities and software security testing

Knowledge /Skills/Abilities/Experience & Desirable Criteria include:

• Technical or audit experience in core cyber security fields such as IAM, vulnerability / threat management, Pen-Testing, Data Protection, IH / IR, AppSec, Network Security, System Administrator, GRC

• Understanding of Technology Risk & Controls across domains

• Knowledge of performing risk management and industry standards, NIST etc.

• Ability to proactively assess issues, identify solutions and problem solve.

• Ability to understand and interact with technology subject matter experts regarding technology topics

• Analytical, consultative and communication skills with ability to communicate control requirements to partners in terms easily understood

• Organized and time management skill, with ability to produce high quality timely deliverables

• Flexible approach towards changing work methods, deadlines and variable workloads.

• Ability to adapt and react timely and positively in a changing and dynamic work environment.

• Knowledge Microsoft Office Suite and ability to learn new tools as needed.

• Applicable industry standard certification(s) desired

Major Duties:

• Provides technical expertise and support to client, IT management and staff in risk assessments, implement.

• Identifies, evaluates, conducts, schedules and leads technical analyses functions to ensure all applicable IS security requirements are met.

• Participates in the evaluation, development, implementation, communication, monitoring and maintenance of information technology security policies and procedures.

• May act as Project Leader.

• May be involved in providing assistance and training to lower level specialists.

• Keeps abreast on the direction of emerging industry standards.

• Provides technical analysis of requirements necessary for the protection of all information processed, stored, or transmitted by systems.

• Serves as an expert resource or go to person within a group.

• Conducts preliminary analysis and reviews work of others.

• Handles more extensive, high-profile work.

• Responsible for direct interaction with different committees and/or management.

Knowledge: Is a technical expert with in-depth knowledge in area of expertise and strong knowledge of other areas. Requires excellent analytical ability, consultative and communication skills, strong judgment and the ability to work effectively with client, IT management and staff, vendors and consultants.

Experience: Bachelor degree in Computer Science or a related discipline and at least four, typically six or more years of technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.

Salary Range:
$95,600 - 162,400 USD

Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com .

We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.