Senior Lead Technology Risk and Control Self-Assessment

About Northern Trust:

Northern Trust a Fortune 500 company is a globally recognized award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the worlds most successful individuals families and institutions by remaining true to our enduring principles of service expertise and integrity. With more than 130 years of financial experience and over 22000 partners we serve the worlds most sophisticated clients using leading technology and exceptional service.

Technology Risk & Control SelfAssessment

Own and support the endtoend planning prioritization coordination and execution of Technology Risk and Control SelfAssessments while ensuring alignment with enterprise technology risk policies control standards and risk frameworks within the defined scope.

Risk Identification and Control Design & Effectiveness Evaluation

Lead the assessment of inherent and residual technology risks and evaluate the design and operating effectiveness of key controls. Identify control gaps execution weaknesses and process deviations and clearly articulate root causes risk implications and control maturity considerations. Ensure controls are:

• Clearly defined current and appropriately documented

• Aligned to identified technology risks and control objectives

• Consistently and sustainably executed

• Supported by complete accurate and timely evidence suitable for audit and regulatory review

Risk Assessment and Assurance Skills (Preferred)

Experience in Technology Risk Assessment and SOC / SOX IT control testing is considered an added advantage and will be leveraged to enhance the effectiveness and audit readiness of Technology RCSA activities

Applying Technology Risk Assessment techniques to strengthen risk identification prioritization and risk articulation within RCSAs

Leveraging understanding of threat scenarios risk drivers and risk appetite to enhance RCSA conclusions

Using exposure to SOC 1 / SOC 2 and SOX IT control testing to inform control scoping documentation quality and evidence standards

Supporting alignment between RCSA outcomes and audit or regulatory expectations

RCSA Documentation and Evidence Management

Ensure highquality documentation of RCSA results including risk statements control assessments conclusions and supporting artifacts within relevant tooling. Maintain strong discipline around evidence standards traceability and transparency to support audit regulatory and governance needs.

Issue Identification Risk Rating and Risk Treatment Advisory

Drive the identification documentation and escalation of control deficiencies and risk issues arising from RCSA activities.

Senior Stakeholder Engagement and Risk Governance Participation

Engage with senior stakeholders through governance forums working groups and readiness initiatives related to Risk and Control SelfAssessment.
Provide clear concise and riskfocused communication on assessment outcomes key risk themes emerging trends and material risk considerations.

Continuous Improvement and Control Standardization

Identify crossprocess risk themes trends and systemic weaknesses across RCSA assessments. Proactively recommend enhancements to control design processes assessment methodologies and testing approaches.
Contribute to the evolution and standardization of Technology Risk and RCSA frameworks supporting readiness for future assessments audits and regulatory examinations.

Industry Awareness and Risk Thought Leadership

Maintain awareness of emerging industry standards regulatory expectations and best practices related to Risk and Control SelfAssessment. Translate relevant developments into actionable insights to drive continuous improvement.

Knowledge and Experience

1012 years of experience in Technology Risk Risk & Control Self-Assessment IT Risk Assessment or related roles.

Strong handson experience leading and executing Technology Risk and Control Self Assessments (RCSA or exposure to SOC 1 / SOC 2 and/or SOX IT control testing including IT General Controls (ITGCs) and application controls.

Solid understanding of technology risks control design and control effectiveness evaluation.

Strong analytical documentation and stakeholder communication skills.

Certifications Preferred - CISA CISSP or CRISC

Working with Us:

As a Northern Trust partner greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged senior leaders are accessible and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

Wed love to learn more about how your interests and experience could be a fit with one of the worlds most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process please email our HR Service Center at .

We hope youre excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.

About Our Pune Office

The Northern Trust Pune office established in 2016 is now home to over 3000 employees. The office handles various functions including Operations for Asset Servicing and Wealth Management as well as delivering critical technology solutions that support business operations across the globe.

Our Pune team takes our commitment to service to 2024 they volunteered more than 10000 hours into the communities where they live and work. Learn more.