Lead Cyber Security Technology Risk at Northern Trust (Chicago, IL)
Sorry, this job was removed at 12:13 p.m. (CST) on Wednesday, March 16, 2022
By clicking Apply Now you agree to share your profile information with the hiring company.
As part of the governance and oversight team within the Northern Trust's Global Technology Services' Technology Risk and Control organization, you will play a vital role in establishing and maintaining a highly effective control environment. The team is responsible for key first line of defense capabilities including management of governance frameworks and control standards, analyzing impact of regulatory change, coordinating regulatory engagement, and supporting first line risk operations.Major Duties
- Provide direction and guidance for the implementation, development, and maintenance of the organization's technology risk and cyber security process, risk and control (PRC) framework, ensuring alignment with regulatory requirements as well as industry risk and control frameworks.
- Facilitate an ongoing program to review and refresh technology risk and cyber security control standards, including updates to reflect changes in the regulatory and threat environments.
- Identify, report and resolve risk appetite and risk tolerance breaches. Maintains awareness of disrupters, developments and trends.
- Monitors risk appetite metrics for changes in the risk profile using monthly reports on metrics and thresholds breaches.
- Stay abreast of industry regulatory developments and keep senior management apprised of relevant changes and developments.
- Assess the impact of new regulatory requirements and proposed policy and control standard changes; work with subject matter experts and control owners to define implementation plans.
- Facilitate a governance program to ensure procedures and guidelines supporting implementation of technology risk and cyber security controls are well documented and kept current.
- Coordinate regulatory engagement, including: agendas and materials for routine continuous monitoring meetings, fulfillment of evidence requests for examinations, responses to ad-hoc regulator requests, and assisting with various other regulator communications.
- Provide support for the first line of defense risk committee including coordinating the agenda, preparing and distributing meeting materials, managing follow up actions, and capturing meeting minutes.
- Coordinate cross flow of information between first line risk committee and other risk committees and bodies within the bank.
- Coordinate engagement for key risk and compliance activities that require cross-Technology engagement (e.g., RCSA process).
- You have an in-depth understanding of information security, IT audit and/or IT risk management principles.
- You have a good understanding of assessments of IT related processes such as information security, system development and change management, computer operations and data protection.
- Strong collaboration abilities across the 3 lines of defense.
- Familiarity with key technology risk and cyber security control frameworks.
- You can demonstrate the ability to work well in both an individual contributor and team capacity.
- You can demonstrate consultative and advisory mindset and critical thinking acumen.
- You have strong written and verbal communication skills. You can prepare clearly written, organized documents, reports and communications that demonstrate proper justification and support for any conclusions and assessment results and contain correct grammar, punctuation and spelling.
- You are attentive to details and highly organized.
- You are eager to learn and apply new concepts. Risk Management is ever-changing and your enthusiasm and desire to learn is key!
- You can interact in a professional manner and develop relationships with individuals and teams at any level in Northern Trust or third party service provider, including experience interfacing with executive management.
- You have at least 4, typically 6 or more, years of IT audit or IT risk management experience, or similar experience with transferable skills. Financial Services industry experience is a plus.
- You have a Bachelor's degree in Accounting, Finance, Information Technology, Management Information Systems, Computer Science or a related discipline.
- Gender Equality Index Member, Bloomberg
- Top Financial & Banking Company, Black EOE Journal, Hispanic Network Magazine, Professional WOMAN'S Magazine