Jobs · Information Technology · Illinois

Sr Lead, Cyber Sec IT RiskM

Northern Trust · Chicago, IL · 3 wk ago
Information Technology$115k–$195k/yrFull-time

About the role

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

Responsibilities

  • Drive continuous improvement across the Data Protection program’s governance processes, reporting, and measurement capabilities that support the firm’s risk-based data security program.

  • Lead the design and evolution of the Data Protection operating model, ensuring alignment across risk, control, and compliance frameworks (e.g., RCSA, PRC, control testing).

  • Identify and eliminate duplication or fragmentation across governance processes, driving a unified and scalable operating model.

  • Maintain governance strategy, reporting frameworks, maturity models, and operating procedures.

  • Design and implement frameworks that ensure controls are supported by clear, traceable, and audit-ready evidence.

  • Establish linkage between risks, controls, metrics, and evidence to demonstrate control effectiveness.

  • Ensure governance outputs support successful control testing, regulatory review, and external assessments.

  • Identify process and workflow gaps and implement improvements to increase efficiency, consistency, and alignment.

  • Develop and continuously improve governance and monitoring processes to meet internal and regulatory requirements.

  • Ensure consistent, high-quality execution across governance activities and outputs.

  • Own the KPI/KRI strategy ensuring metrics measure control effectiveness and risk reduction.

  • Oversee development of dashboards, reporting packages, and governance artifacts (policies, standards, operating models).

  • Review and approve executive reporting, committee materials, and operational dashboards.

  • Data Governance: Represent Data Protection Governance as a subject matter expert on control effectiveness, governance maturity, and risk posture in senior leadership, audit, and regulatory forums.

  • Provide advisory support on data protection governance, controls, and exception management.

  • Drive adoption of data protection practices and improve awareness across the enterprise.

  • Oversee PRC analysis, exception management, and support RCSA and related activities.

  • Provide functional leadership to analysts, ensuring consistency in execution, documentation, and evidence quality.

Qualifications

  • Education & Foundational: Bachelor’s degree in Information Security, Computer Science, Engineering, or equivalent relevant experience.

  • Experience: Partnering across functions (e.g., Cyber Security, Data Governance, business stakeholders) at both enterprise and business-unit levels.

  • Security & Governance Competency: Working knowledge of security frameworks (e.g., ISO, NIST). Experience supporting or responding to audits, including regulatory engagements (e.g., FFIEC). Familiarity with enterprise grade GRC platform (e.g., ServiceNow GRC, MetricStream, IBM OpenPages, etc.). Demonstrated ability to design and operationalize evidence frameworks that validate control effectiveness and reduce audit rework.

  • Process Engineering & Optimization: Experience in process design, workflow optimization, and governance standardization. Ability to design scalable operating models aligning risk, control, and compliance processes. Experience implementing control monitoring frameworks tied to measurable outcomes.

  • Metrics, Reporting, & Analytics: Strong analytical skills with experience developing KPIs/KRIs and governance reporting. Proficiency with reporting and visualization tools (e.g., Excel, Power BI, Tableau). Familiarity with log analytics or monitoring platforms (e.g., KQL, SIEMs).

  • Knowledge Management & Collaboration: Experience with enterprise content management tools (e.g., Confluence, SharePoint). Ability to influence stakeholders and drive alignment across functions without direct authority. Strong communication skills with the ability to translate complex concepts into clear, actionable outputs. Ability to operate autonomously and prioritize effectively in ambiguous environments.

Skills

  • Cloud, IaC, and Engineering: Working knowledge of cloud platforms (e.g., Azure) and infrastructure concepts. Working knowledge of infrastructure as code (e.g., Terraform) and CI/CD pipelines.

  • Scripting or Data Languages: Exposure to automation and cloud-native tools supporting scalable governance and monitoring. Experience with scripting or data languages (e.g., Python, SQL).

Benefits

Salary Range: $114,500 - 194,700 USD
Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits.
Northern Trust also provides a discretionary bonus program that may include an equity component.

Pay

$114,500 - 194,700 USD

Schedule

Hybrid Work Policies

Similar jobs

Cyber Security Lead

Dunhill Professional Search & Government SolutionsGermantown, MD· 5 days ago
Information Technology$130k/yrapply on recruiterflow.com

Cyber Security Lead

SprezzaturaUnited States· 2 wk ago
RemoteEngineering$120k–$140k/yrapply on workforcenow.adp.com

Cyber Threat Lead

MANTECHChandler, AZ· 3 wk ago
Information Technologyapply on mantech.avature.net