Lead, Cyber Sec IT Risk
Job Description
Summary
Northern Trust Technology Risk & Control function is responsible for enabling Global Information Technology to build a strong 1st Line of Defense, foster a control aware culture, deliver compliant and secure technology capabilities, protect customers and meet regulatory requirements. The Lead Risk and Control Officer is part of the InfoSec Control Officer Team, responsible for leading and supporting risk and control assessments for core cyber security domains, performing security testing, and evaluating compliance to information security policies and procedures and regulatory requirements. The role will work directly with cybersecurity, Infrastructure and business units teams providing guidance to implement defense-in-depth controls to protect Northern Trust and the customers. As well as work with a dynamic team and contribute to the overall cyber security of the firm.
Major Duties include but not limited to;
• Advise and support risk and control assessments for core cyber security domains
• Lead remediation of cyber security findings from various sources
• Solves problems and timely management of open risk and control gaps
• Support the development and maintenance of cyber security standards in line with industry best practices, as well as support technical engagements around security threats & vulnerabilities and software security testing
Knowledge /Skills/Abilities/Experience & Desirable Criteria include;
• Technical or audit experience in core cyber security fields such as vulnerability / threat management, Pen-Testing, IAM, Data Protection, IH / IR, AppSec, Network Security, System Administrator, GRC
• Understanding of Technology Risk & Controls across domains
• Knowledge of performing risk management and industry standards, NIST etc.
• Ability to proactively assess issues, identify solutions and problem solve.
• Ability to understand and interact with technology subject matter experts regarding technology topics
• Analytical, consultative and communication skills with ability to communicate control requirements to partners in terms easily understood
• Organized and time management skill, with ability to produce high quality timely deliverables
• Flexible approach towards changing work methods, deadlines and variable workloads.
• Ability to adapt and react timely and positively in a changing and dynamic work environment.
• Knowledge Microsoft Office Suite and ability to learn new tools as needed.
• Applicable industry standard certification(s) desired
• Bachelor degree in Computer Science or a related discipline and technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience
Northern Trust Technology Risk & Control function is responsible for enabling Global Information Technology to build a strong 1st Line of Defense, foster a control aware culture, deliver compliant and secure technology capabilities, protect customers and meet regulatory requirements. The Lead Risk and Control Officer is part of the InfoSec Control Officer Team, responsible for leading and supporting risk and control assessments for core cyber security domains, performing security testing, and evaluating compliance to information security policies and procedures and regulatory requirements. The role will work directly with cybersecurity, Infrastructure and business units teams providing guidance to implement defense-in-depth controls to protect Northern Trust and the customers. As well as work with a dynamic team and contribute to the overall cyber security of the firm.
Major Duties include but not limited to;
• Advise and support risk and control assessments for core cyber security domains
• Lead remediation of cyber security findings from various sources
• Solves problems and timely management of open risk and control gaps
• Support the development and maintenance of cyber security standards in line with industry best practices, as well as support technical engagements around security threats & vulnerabilities and software security testing
Knowledge /Skills/Abilities/Experience & Desirable Criteria include;
• Technical or audit experience in core cyber security fields such as vulnerability / threat management, Pen-Testing, IAM, Data Protection, IH / IR, AppSec, Network Security, System Administrator, GRC
• Understanding of Technology Risk & Controls across domains
• Knowledge of performing risk management and industry standards, NIST etc.
• Ability to proactively assess issues, identify solutions and problem solve.
• Ability to understand and interact with technology subject matter experts regarding technology topics
• Analytical, consultative and communication skills with ability to communicate control requirements to partners in terms easily understood
• Organized and time management skill, with ability to produce high quality timely deliverables
• Flexible approach towards changing work methods, deadlines and variable workloads.
• Ability to adapt and react timely and positively in a changing and dynamic work environment.
• Knowledge Microsoft Office Suite and ability to learn new tools as needed.
• Applicable industry standard certification(s) desired
• Bachelor degree in Computer Science or a related discipline and technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience
Explore More
Apply Now
Back to Job Listings
Add To Job List
Company Profile
View Company Reviews
Date Posted
08/16/2023
Views
7
Neutral
Subjectivity Score: 0.7
Similar Jobs
Lead Architect - Analytics Engineering (Requiring Python) - CVS Health
Views in the last 30 days - 0
View DetailsEnvironment, Health and Safety (EHS) Lead, Apple Retail - Apple
Views in the last 30 days - 0
View Details