Principal, Stakeholder Engagement

About The Position

Requirements

• Bachelor's degree or equivalent relevant work or military experience
• Minimum 7 years' experience in cybersecurity field
• Minimum 5 years' communications and training experience
• Previous experience directly supporting C-Suite executives
• Previous financial sector experience
• Excellent written communication skills
• Ability to clearly communicate complex technical information to non-technical audiences
• Strong interpersonal skills (collaboration, diplomacy, conflict resolution)
• Attention to detail and meticulousness in task execution
• Ability to manage multiple projects and deadlines effectively
• Problem-solving skills and ability to think critically

Nice To Haves

• Previous cybersecurity awareness experience
• Previous external engagement experience

Responsibilities

• Lead company internal and external cybersecurity communications efforts
• Provide internal communications support to the CISO, to include drafting communications to employees and executives, developing presentations and talking points for internal meetings, and executing town halls
• Develop and execute communications campaigns regarding cybersecurity control, policy, or process changes for employees and executives
• Draft internal communications in the event of a cyber event or incident
• Develop presentations and talking points in support of presentations to the Board
• Represent the company in relevant industry forums (ex: FS-ISAC, FSSCC, NCA, EWF, CRI) and participate in relevant committees and working groups
• Ensure CISO and other cybersecurity SMEs are informed about relevant industry activities (exercises, working groups, white papers, conferences, etc.)
• Provide external communications support to the CISO, to include developing presentations and talking points for external speaking engagements
• Lead company cybersecurity training and awareness efforts
• Lead development of annual employee cybersecurity training that is compliant with relevant regulatory requirements, reflects current cyber risks to the company, and includes specific training for employees in high-risk roles (privileged users, developers, etc.)
• Regularly conduct simulated phish testing based on current social engineering tactics targeting the company
• Coordinate with cybersecurity leaders to determine their teams' training needs and develop and deliver appropriate training
• Develop a year-round cybersecurity awareness campaign for partners

Benefits

• Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits.
• Northern Trust also provides a discretionary bonus program that may include an equity component.