Principal, Cyber Security - Risk and Controls

Northern TrustChicago, IL
118d$114,700 - $194,900
Match Resume

About The Position

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service. Northern Trust Technology Risk & Control function is responsible for enabling Global Information Technology to build a strong 1st Line of Defense, foster a control aware culture, deliver compliant and secure technology capabilities, protect customers and meet regulatory requirements. The Principal cybersecurity risk and control officer is part of the InfoSec Control Officer Team, responsible for leading risk and control assessments for core cyber security domains, performing security testing, and evaluating compliance to information security policies and procedures and regulatory requirements. You will work directly with cyber security teams providing guidance to implement defense-in-depth controls to protect Northern Trust and the customers. You will work with a dynamic team and contribute to the overall cyber security of the firm.

Requirements

  • 12+ years of technical or audit experience in core cyber security fields such as vulnerability / threat management, Pen-Testing, IAM, Data Protection, IH / IR, AppSec, Network Security, System Administrator, GRC
  • Expert knowledge of performing risk management based on NIST 800-53
  • Experience in determining vulnerability risk impact on key objectives and critical processes; ability to link risk management programs and initiatives to inform critical business strategies and processes
  • Excellent analytical ability, consultative and communication skills
  • Applicable industry standard certification(s) preferred
  • Bachelor degree in Computer Science or a related discipline and technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience

Responsibilities

  • Lead risk and control assessments for core cyber security domains, including vulnerability management, threat management, third-party security due diligence, identity and access management
  • Provide technical expertise to assist the development and maintenance of cyber security standards in line with industry best practices, as well as technical expertise around security threats & vulnerabilities and software security testing
  • Coordinate remediation of cyber security findings from various sources
  • Assist in development and implementation of cyber security trainings for technical domains
  • Participate in cyber incident responses to provide guidance related to cyber security risks and control assurance
  • Influence behaviors to resolve conflicts, clarify goals and outcomes, and foster a strong technology risk management culture with information security organization

Benefits

  • 401k and pension
  • medical, dental, vision, spending accounts and disability
  • paid time off
  • parental and caregiver leave
  • life & accident insurance
  • discretionary bonus program that may include an equity component

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Industry

Securities, Commodity Contracts, and Other Financial Investments and Related Activities

Education Level

Bachelor's degree

Number of Employees

5,001-10,000 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service