Lead, Control Testing Risk (Cyber, Technology and Non-Technology)

Northern Trust•Chicago, IL

64d•Hybrid

About The Position

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service. The Second Line of Defense (2LOD) Controls Testing partner will operate with minimal guidance and increased autonomy. This role involves leveraging in-depth conceptual and practical knowledge to execute complex testing engagements, refine methodologies, mentor less experienced team members, and provide strategic insights that influence the cyber, technology and non-technology risk posture.

Requirements

6+ years of experience in IT Audit, Cybersecurity, IT Risk & Control, or related fields
In-depth understanding of cyber and technology risks within the financial services sector
Experience with cloud security, MFA solutions, password management tools, and Secure SDLC practices
Strong analytical, communication, and negotiation skills to handle complex issues and build consensus among stakeholders
Demonstrated ability to guide less experienced team members and effectively manage projects
Proficiency in Microsoft Office 365 and familiarity with risk management/GRC tools (e.g., ServiceNow, Fusion) to streamline issue tracking and remediation

Nice To Haves

CISSP, CISM, CISA, CRISC, or equivalent certifications strongly preferred

Responsibilities

Test, validate, and enhance control testing methodologies and test procedures, ensuring they remain effective amid evolving cyber and technology threats
Perform 2LOD validation work on complex engagements, including advanced testing plans, detailed workpapers, comprehensive findings, and high-quality reporting to risk committees
Oversee the resolution of complex risk issues, collaborating with various teams to design, implement, and improve controls, aligning with industry standards and regulatory expectations
Conduct in-depth examinations of cyber and non-cyber risk controls, evaluate their design and operational effectiveness, and recommend remediation strategies to leadership
Support second-line governance activities, participating in Risk Identification and Change Initiative Risk Assessment processes, and offering expertise on risk trends and control gaps
Communicate complex operational and technical risk findings to stakeholders in a clear and persuasive manner, working to build consensus and influence remediation efforts
Apply advanced risk assessment knowledge to identify critical risks and controls, informing testing priorities and strengthening risk management strategies
Manage multiple testing initiatives simultaneously, applying strong project management and organizational skills while maintaining flexibility in a dynamic environment
Monitor evolving banking/financial regulatory requirements, ensuring continuous alignment of testing activities with regulatory guidance and industry best practices

Benefits

Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits.
Northern Trust also provides a discretionary bonus program that may include an equity component.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume