Cybersecurity GRC Compliance Lead
About the role
The Cybersecurity GRC Compliance Lead will act as a subject matter expert in the delivery of the team’s functions, which include assessing the applicability of and adherence to cyber rules and regulations, controls oversight and assurance, and coordination of cyber controls information and evidence to regulators, auditors and clients.
Responsibilities
- Support the operation and enhancement of cyber compliance and assurance initiatives.
- Act as a point of coordination and subject matter expert for cyber controls information and evidence requests, including SOC2 and SOX testing and reporting for all cyber controls.
- Support Cybersecurity audits, providing expertise, consolidation, and coordination of responses.
- Facilitate the production of information and evidence on cyber controls for regulatory requests.
- Facilitate the production of information and evidence on cyber controls for client requests, supporting new client revenue generation and existing client retention.
- Oversee adherence to cyber-related regulatory requirements in all jurisdictions globally in which Northern Trust operates.
- Provide oversight, tracking, analysis, and reporting of all cybersecurity issues and findings to ensure timely, complete, and compliant remediation.
- Proactively work with the broader Cybersecurity team to ensure new products, services, and processes are built and operated in a controlled and compliant manner.
- Engage with a range of senior stakeholders across Lines of Defense to ensure cybersecurity regulations and internal control requirements are well understood and embedded in business and technology practices.
Qualifications
- Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field.
- Minimum of 7 years of experience in cybersecurity, with a focus on assurance or audit.
- Strong knowledge of cyber regulations, risk management frameworks, and methodologies.
- Strategic thinker with a strong understanding of cyber threats, vulnerabilities, and risk mitigation options.
- Innovative thinker and adaptable to change.
- Strong communication and presentation skills, capable of translating technical risk into business terms.
- Excellent analytical, problem-solving, and decision-making skills.
- Relevant certifications such as CISSP, CISM, CRISC, or similar.
Benefits
Salary Range: $83,100 - 141,300 USD
Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits.
Pay
Salary range is a good faith estimate of base pay.
Schedule
Not specified.
Skills
- Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field.
- Minimum of 7 years of experience in cybersecurity, with a focus on assurance or audit.
- Strong knowledge of cyber regulations, risk management frameworks, and methodologies.
- Strategic thinker with a strong understanding of cyber threats, vulnerabilities, and risk mitigation options.
- Innovative thinker and adaptable to change.
- Strong communication and presentation skills, capable of translating technical risk into business terms.
- Excellent analytical, problem-solving, and decision-making skills.
- Relevant certifications such as CISSP, CISM, CRISC, or similar.
Benefits
Not specified.
Pay
Not specified.
Schedule
Not specified.