Senior Director of Technology and Cyber Risk Management

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

The function of the Senior Director of Tech Risk Management role will be to help to define and implement 2nd line of defense functions to include developing several new capabilities This role assists Head of Cyber and Technology Risk Management in the execution of strategic technology risk objectives to include establishing 2nd LOD oversight and governance over all Technology Programs to include IT Asset Management, Enterprise Infrastructure, Cloud Infrastructure, IT Incident Management, Software Development Lifecycle, End of Life/End of Service, Disaster Recovery, and other technology programs.  This role also directs the operational and administrative activities associated with running this team and accountable for the performance management process and staffing for the team.

The key responsibilities of the role include:

• Develop and lead the oversight and governance over all technology programs in 1st LOD to include any associated standards or procedures, training, and controls
• Partner with other leaders in the Non-Financial Risk leaders to develop and mature the Technology Risk Reporting to include inputs to the Technology Risk appetite metrics and other senior management and board level dashboards. This include working with 1LOD leaders to ensure the development of KPIs, KRIs, and KCI risk
• In partnership with 1st LOD Tech and Cyber Risk and Controls team, develop new program to ensure comprehensive and recurring risk management assessments are conducted and all key controls are implemented
• Be key leader in any technology incident management activities in partnership with the Operational Resilience Incident Management and 1LOD teams
• Partner with Chief Administrative Office and Risk Reporting teams to develop KPIs and KRIs for technology risk programs
• Develop budgets and resource requirements for direct reporting teams
• Participate in the development of team strategic plans, annual goal and delivery plans, and quarterly and monthly updates and retrospectives

The successful candidate will benefit from having:

KNOWLEDGE/SKILLS 

• Broad understanding of existing and emerging technology risks, particularly those to the financial sector, and how to prevent them from impacting Northern Trust  
• Strong understanding of technology regulatory requirements for the financial sectors
• Strong understanding of cybersecurity and technology risk control frameworks to include but not limited to NIST Cybersecurity Framework, COBIT, ISO, CIS, and CSA
• Strong aptitude to develop and maintain internal and external business relationships and to leverage those relationships in pursuit of their day to day goals and responsibilities 
• Extensive knowledge of systems security architecture, excellent consultative skills, strong analytical ability and ability to work effectively with clients. 
• Experience with effectively communicating technology risk posture in the context of the business at the executive level 
• Experience with technology risk metrics development and reporting
• Extensive knowledge of technology risk management to include risk treatment, issues management, control validation, cybersecurity consultation and assessment, risk measurement and reporting, and lines of defense 
• Applies knowledge of key business drivers and the factors that maximize department performance to mitigate against and minimize risk. 
• Ability to influence risk decisions with both business and technology organizations without formal authority 

EXPERIENCE:

• 8-10 years cybersecurity experience either in an operational role or in risk management role
• Bachelor degree in computer science or related field of study or comparable work experience
• Experience leading a team in an operational risk management program with preference for technology experience in any of the three lines of defense  
• Experience leading a regionally disparate team  
• Demonstrated experience in working with senior level clients in a consultative and/or advisory capacity
• Demonstrated experience in presenting to executive management.   

We have a balanced hybrid working model to ensure you get the flexibility you need, and the successful candidate will spend their time between working in the office and working from home.

#LI-LK2, #LI-Hybrid

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.

We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.