Principal, Technology Risk and Control

Northern Trust•Chicago, IL

1d•$114,700 - $194,900

About The Position

The Technology Risk and Control function at Northern Trust plays a critical role in enabling Global Information Technology to operate within a strong First Line of Defense, foster a robust control-aware culture, and deliver secure, compliant, and resilient technology capabilities. The function supports regulatory compliance, protects client interests, and strengthens enterprise-wide risk management practices. The Principal, Technology Risk and Control role is accountable for end-to-end ownership of the Technology Risk and Control Issue Management Program Operations. This role will be part of a highly skilled global team dedicated to promoting control awareness and ensuring disciplined management of technology risks across the organization. The successful candidate will partner closely with Global Technology stakeholders, advising on compliance with Issue Management requirements, and will collaborate with Risk, Compliance, and Audit partners to ensure a complete, accurate inventory of technology control–related issues. The role also provides operational leadership and oversight of a team responsible for executing the full lifecycle of high-risk issue management, including pre-assertion validation.

Requirements

Strong program and project management capabilities, including product/process ownership, milestone management, risk and issue escalation, system development oversight, training and awareness initiatives, and management reporting.
Demonstrated expertise in control identification and definition, issue validation methodologies, and remediation governance.
Deep understanding of information security principles, technology risk assessments, and security risk management frameworks.
Proven ability to build and sustain strong collaborative relationships across functions, including senior and executive leadership.
Excellent written and verbal communication skills, with the ability to clearly articulate complex risk and control topics to senior stakeholders.
Bachelor’s degree in technology, information security, cybersecurity, or related discipline.
Minimum of 10+ years of experience in technology risk management, control functions, audit services, or related roles with transferable skills.
Prior experience within the financial services industry is strongly preferred.
Relevant technology or security certifications (e.g., CISSP, CISA and CRIC) and professional qualifications are an advantage.
Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future.
Northern Trust will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa)

Responsibilities

Support the Issue Management Process Owner in overseeing program operations and driving the strategic direction of the Technology Issue Management process.
Provide strong program and project management leadership in the design, development, and implementation of operational enhancements to the Technology Risk and Control Issue Management Program, ensuring alignment with the Enterprise Issue Management framework and Technology-specific expectations.
Lead the simplification, standardization, and automation of Technology Issue Management metrics and reporting, leveraging Power BI to deliver accurate, timely, and actionable insights; design, develop, and implement advanced analytics and AI-enabled use cases focused on issue quality assessment, trend analysis, and identification of data quality gaps to enhance decision-making, risk visibility, and program effectiveness.
Design, deliver, and administer comprehensive training programs for Risk and Control staff, Technology teams, issue source owners, and business stakeholders.
Manage day-to-day operational activities, including development of executive-level meeting materials, facilitation of issue review forums, documentation and tracking of follow-up actions, high-risk issue validation, and status reporting.
Drive accountability by holding Control Officers and stakeholders accountable to defined process requirements and standards.
Continuously assess program effectiveness and identify opportunities for process improvement and maturity enhancement.
Serve as the primary point of contact and visible advocate (“face”) for the Technology Issue Management Program, partnering with stakeholders on adoption, integration, and potential expansion of program usage and supporting tools.
Ensure appropriate governance, challenge, and oversight of issues progressing through risk acceptance.
Facilitate governance committees, working groups, and stakeholder forums, acting as a trusted advisor on technology risk and control matters within the Issue Management scope.
Partner with Second Line of Defense teams to align on issue management expectations, aggregated risk measurement, and risk analysis; take appropriate actions to address identified gaps or emerging risk trends.
Oversee executive reporting, issue tracking and remediation, and measurement against defined risk appetite thresholds.
Influence behaviors and decision-making to reduce risk exposure and strengthen a proactive technology risk management culture across the enterprise.

Benefits

retirement benefits (401k and pension)
health and welfare benefits (medical, dental, vision, spending accounts and disability)
paid time off
parental and caregiver leave
life & accident insurance
other voluntary and well-being benefits
discretionary bonus program that may include an equity component

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume