Senior Associate Technology Risk and Controls (RCSA)

About Northern Trust:

Northern Trust a Fortune 500 company is a globally recognized award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the worlds most successful individuals families and institutions by remaining true to our enduring principles of service expertise and integrity. With more than 130 years of financial experience and over 22000 partners we serve the worlds most sophisticated clients using leading technology and exceptional service.

The Technology Risk and Control function at Northern Trust supports Global Information Technology in operating within a strong First Line of Defense promotes a controlaware culture and enables secure compliant and resilient technology capabilities.

The Senior Associate Technology Risk and Control role supports the execution of the Technology Issue Management and Risk & Control SelfAssessment (RCSA) programs. This role is responsible for planning and executing assigned RCSA activities supporting issue identification and remediation tracking and ensuring consistent application of technology risk and control standards.

The Senior Associate works closely with Technology Risk Compliance and Audit stakeholders to assess technology risks evaluate control effectiveness and support governance transparency and accountability across the technology risk lifecycle.

Key Responsibilities

Technology Risk & Control SelfAssessment (RCSA) Execution

Support and execute endtoend Technology Risk and Control SelfAssessments within the defined scope in alignment with enterprise technology risk policies control standards and risk frameworks.

Coordinate with technology and risk stakeholders to support RCSA planning scheduling data collection and completion of assessment deliverables.

Risk Identification and Control Design & Effectiveness Evaluation

Contribute to the assessment of inherent and residual technology risks and evaluate the design and operating effectiveness of key controls.

Identify control gaps execution issues and process deviations and support clear documentation of root causes and risk implications.

Assess whether controls are:

Clearly defined and appropriately documented

Aligned to identified technology risks and control objectives

Consistently executed

Supported by complete accurate and timely evidence suitable for audit and regulatory review

Risk Assessment and Assurance Support

Apply technology risk assessment techniques to support effective risk identification prioritization and articulation within RCSA activities.

Leverage exposure to SOC 1 / SOC 2 or SOX IT control testing (where applicable) to support control scoping documentation quality and evidence standards.

Assist in aligning RCSA outcomes with audit risk and regulatory expectations.

RCSA Documentation and Evidence Management

Ensure accurate and highquality documentation of RCSA results including risk statements control assessments conclusions and supporting evidence within designated tools.

Maintain discipline around evidence standards traceability and transparency to support internal and external assurance activities.

Issue Identification and Remediation Tracking

Support identification documentation and escalation of control deficiencies and risk issues arising from RCSA activities.

Assist with issue risk ratings and monitor remediation progress in alignment with issue management standards and timelines.

Stakeholder Engagement and Governance Support

Partner with technology risk and control stakeholders to support completion of RCSA activities and issue remediation actions.

Participate in governance forums working groups and readiness activities providing clear factual updates on assessment status risks and issues.

Continuous Improvement and Risk Awareness

Support identification of recurring risk themes and control weaknesses across RCSAs.

Contribute ideas and recommendations to enhance control design assessment methodologies documentation quality and overall RCSA effectiveness.

Maintain awareness of evolving industry practices regulatory expectations and technology risk trends relevant to RCSA activities.

Experience and Education

68 years of experience in Technology Risk Risk & Control SelfAssessment (RCSA) IT Risk Assessment or related roles.

Handson experience executing Technology RCSA activities or participation in SOC 1 / SOC 2 and/or SOX IT control testing including IT General Controls (ITGCs) and application controls.

Practical understanding of technology risks control design and control effectiveness evaluation.

Strong analytical documentation and stakeholder communication skills.

Preferred Certifications: CISA CISSP or CRISCs

Working with Us:

As a Northern Trust partner greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged senior leaders are accessible and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

Wed love to learn more about how your interests and experience could be a fit with one of the worlds most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process please email our HR Service Center at .

We hope youre excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.

About Our Pune Office

The Northern Trust Pune office established in 2016 is now home to over 3000 employees. The office handles various functions including Operations for Asset Servicing and Wealth Management as well as delivering critical technology solutions that support business operations across the globe.

Our Pune team takes our commitment to service to 2024 they volunteered more than 10000 hours into the communities where they live and work. Learn more.