at Northern Trust Company in Chicago, Illinois, United States
Job Description
About Northern Trust:
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.
Summary
Northern Trust Technology Risk & Control function is responsible for enabling Global Information Technology to build a strong 1st Line of Defense, foster a control aware culture, deliver compliant and secure technology capabilities, protect customers, and meet regulatory requirements.
This Lead role is responsible for maintaining and driving the cyber security and technology risk control standards that dictate minimum requirements in line with regulatory and industry expectations, participating substantially in risk treatment for the global technology and information security department, and supporting the broader Technology Risk and Control team in their engagement with these processes.
You will be part of a dedicated, outstanding, and growing team that focuses on promoting control awareness and properly managing risks within the global information technology organization.
Responsibilities, (including but not limited to):
- Lead the upkeep, ongoing support, and continuous improvement of the cyber security and technology risk control standards.
- Provide leadership and effort in the buildout and maintenance of detailed mappings of control standards to various global regulatory and industry frameworks.
- Partner with relevant teams to increase awareness and adherence to standards in more effective and efficient ways (e.g., automation).
- Support the Technology risk treatment process by coordinating with control officers and control owners to identify, assess, and manage enterprise risks.
- Author thorough, well-informed, and thoughtful risk assessments to inform senior leadership and assist them in risk treatment decisions.
- Participate in ongoing risk treatment leadership meetings, ensuring efficiency and clarity to support risk decisioning.
- Drive enhancements to the Technology GRC solution to support and advance department and corporate objectives.
- Organize and prepare committee decks, ensure smooth execution of committee meetings, and communicate and track outcomes of those meetings.
- Support and train fellow team members as needed to enhance skills and knowledge.
- Proactively identify opportunities to improve team processes and knowledgebase, and lead efforts to implement.
- Influence behaviors to reduce risk and foster a strong technology risk management culture throughout the enterprise.
Knowledge/Skills
- Self-starter, motivated, able to drive efforts and propose paths forward independently
- Extensive knowledge of and experience with technology and security risks, controls, and related topics
- Advanced knowledge of risk treatment methodologies and approaches (e.g., risk assessment, control effectiveness, etc.), and experience executing and leading associated activities
- Audit and/or control testing skills a plus
- Excellent written and verbal communication skills, with high attention to detail
- Strong project management / organizational skills
- Proficiency in preparing documents for review...
Equal Opportunity Employer - minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity
