Sr Lead Cyber Security - Risk and Controls

About Northern Trust:

Northern Trust a Fortune 500 company is a globally recognized awardwinning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the worlds most successful individuals families and institutions by remaining true to our enduring principles of service expertise and integrity. With more than 130 years of financial experience and over 22000 partners we serve the worlds most sophisticated clients using leading technology and exceptional service.

Northern Trust Technology Risk & Control function is responsible for enabling Global Information Technology to build a strong 1st Line of Defense foster a control aware culture deliver compliant and secure technology capabilities protect customers and meet regulatory requirements. The Lead Risk and Control Officer is part of the InfoSec Control Officer Team responsible for leading and supporting risk and control assessments for core cyber security domains performing security testing and evaluating compliance to information security policies and procedures and regulatory requirements. The role will work directly with cybersecurity Infrastructure and business units teams providing guidance to implement defenseindepth controls to protect Northern Trust and the customers. As well as work with a dynamic team and contribute to the overall cyber security of the firm.

Major Duties include but not limited to:

Advise and support risk and control assessments for core cyber security domains

Lead remediation of cyber security findings from various sources

Solves problems and timely management of open risk and control gaps

Support the development and maintenance of cyber security standards in line with industry best practices as well as support technical engagements around security threats & vulnerabilities and software security testing

Knowledge /Skills/Abilities/Experience & Desirable Criteria include:

Technical or audit experience in core cyber security fields such as IAM vulnerability / threat management PenTesting Data Protection IH / IR AppSec Network Security System Administrator GRC

Understanding of Technology Risk & Controls across domains

Knowledge of performing risk management and industry standards NIST etc.

Ability to proactively assess issues identify solutions and problem solve.

Ability to understand and interact with technology subject matter experts regarding technology topics

Analytical consultative and communication skills with ability to communicate control requirements to partners in terms easily understood

Organized and time management skill with ability to produce high quality timely deliverables

Flexible approach towards changing work methods deadlines and variable workloads.

Ability to adapt and react timely and positively in a changing and dynamic work environment.

Knowledge Microsoft Office Suite and ability to learn new tools as needed.

Applicable industry standard certification(s) desired

Major Duties:

Provides technical expertise and support to client IT management and staff in risk assessments implement.

Identifies evaluates conducts schedules and leads technical analyses functions to ensure all applicable IS security requirements are met.

Participates in the evaluation development implementation communication monitoring and maintenance of information technology security policies and procedures.

May act as Project Leader.

May be involved in providing assistance and training to lower level specialists.

Keeps abreast on the direction of emerging industry standards.

Provides technical analysis of requirements necessary for the protection of all information processed stored or transmitted by systems.

Serves as an expert resource or go to person within a group.

Conducts preliminary analysis and reviews work of others.

Handles more extensive highprofile work.

Responsible for direct interaction with different committees and/or management.

Knowledge: Is a technical expert with indepth knowledge in area of expertise and strong knowledge of other areas. Requires excellent analytical ability consultative and communication skills strong judgment and the ability to work effectively with client IT management and staff vendors and consultants.

Experience: Bachelor degree in Computer Science or a related discipline and at least four typically six or more years of technical experience in the security aspects of multiple platforms operating systems software communications and network protocols or an equivalent combination of education and work experience.

Salary Range:

Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits 401k and pension) health and welfare benefits (medical dental vision spending accounts and disability) paid time off parental and caregiver leave life & accident insurance and other voluntary and wellbeing benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.

Working with Us:

As a Northern Trust partner greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged senior leaders are accessible and you can take pride in working for a company committed to assisting the communities we serve!Join a workplace with a greater purpose.

Wed love to learn more about how your interests and experience could be a fit with one of the worlds most admired and sustainable companies! Build your career with us andapply today.#MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process please email our HR Service Center at .

We hope youre excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.