Cybersecurity GRC Compliance Principal

About The Position

Requirements

• Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field.
• Minimum of 10 years of experience in cybersecurity, with a focus on assurance or audit.
• Extensive knowledge of cyber regulations, risk management frameworks, and methodologies.
• Proven experience in technical leadership roles, influencing executive stakeholders.
• Strategic thinker with a strong understanding of cyber threats, vulnerabilities, and risk mitigation options.
• Innovative thinker and adaptable to change.
• Exceptional communication and presentation skills, capable of translating technical risk into business terms.
• Excellent analytical, problem-solving, and decision-making skills.
• Relevant certifications such as CISSP, CISM, CRISC, or similar.

Responsibilities

• Lead the technical direction and development of cyber compliance and assurance initiatives, providing expert guidance and support.
• Act as a central point of coordination and subject matter expert for cyber controls information and evidence requests, including SOC2 and SOX testing and reporting for all cyber controls.
• Interface with Internal Audit for all cyber audits, providing expertise, consolidation, and coordination.
• Facilitate the production of information and evidence on cyber controls for regulatory requests.
• Facilitate the production of information and evidence on cyber controls for client requests, supporting new client revenue generation and existing client retention.
• Oversee and ensure adherence to all cyber-related regulatory requirements in all jurisdictions globally in which Northern Trust operates, leading action to address new requirements.
• Provide oversight, tracking, analysis, and reporting of all cybersecurity issues and findings to ensure timely, complete, and compliant remediation.
• Proactively work with the broader Cybersecurity team to ensure new products, services, and processes are built and operated in a controlled and compliant manner.
• Engage with a range of senior stakeholders across Lines of Defense to ensure cybersecurity regulations and internal control requirements are well understood and embedded in business and technology practices.

Benefits

• Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits.
• Northern Trust also provides a discretionary bonus program that may include an equity component.