Sr Manager, Cyber Security Engineering - Governance & Monitoring

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

About Northern Trust:

Northern Trust provides innovative financial services and guidance to corporations, institutions and affluent families and individuals globally. With 130 years of financial experience and nearly 20,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

As a Northern Trust employee (Partner), you will be part of a flexible and collaborative work culture, which has a strong history of financial strength and stability. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company that is committed to strengthening the communities we serve.

Northern Trust is committed to working with and providing adjustments to individuals with health conditions and disabilities. If you would benefit from adjustments for any part of the employment process, please inform the recruiter to discuss your individual requirements.

We recognize the value of inclusion and diversity in culture, in thought, and in experience, which is why Forbes ranked us the top employer for Diversity in 2018.

Principal Responsibilities/Requirements:

Develops and administers the solutions that meet system expectations relative to scalability, performance, fault tolerance, usability, and data integrity. Delivers solutions that meet end user expectations relative to performance, usability and security for the Information Security Engineering and Support function.

Job focus is on managing others and applying operational or strategic management skills. Management responsibilities and decisions likely include hiring, performance reviews, pay decisions and development. Achieves goals mostly through work of others. Manages professional staff and/or supervisors/ team leads. Accountable for the performance and results of a team within own area of specialty. Adapts departmental plans and priorities to address resource and operational challenges. Decisions and problem solving are guided by policies, procedures and department plan; receives guidance from manager. Provides guidance to partners, colleagues and/or clients.

Primary candidate has techno-functional knowledge and experience in Information Security domain involving undertakings and projects focusing on data security activities. This includes prior contributions to the strategic direction of data security programs, working knowledge of, and experience with the development and enterprise-wide implementation of end-to-end processes, as well as data security best practices.

• Identifies and solves technical and operational problems; understands and recognizes broader impact across the department.

• Develops periodic goals, organizes the work, sets short-term priorities, monitors all activities, and ensures timely and accurate completion of the work.

• Guided by policies and departmental plan, impacts the team’s ability to achieve service, quality and timeliness of objectives.

• Applies understanding of the business and how own area integrates with others to achieve departmental objectives.

• Guides and influences others either internally or externally to adopt a different point of view.

• Develop, socialize, maintain, and interpret complex data security governance elements (e.g., policy, standard, TOM, business processes, business continuity, and disaster recovery plans) that define data security requirements.

• Develop, implement, and execute governance and monitoring processes and controls as required per internal/external standards and regulations (e.g.:  FFIEC, GDPR, etc). 

• Responsible for execution of Data Protection Risk & Controls Self Assessments (RCSA), as well as development and ongoing maintenance and enhancement of Data Protection’s Process Risk & Controls Inventories (PRCI).

• Responsible for providing oversight for Data Protection controls design, development, execution and testing.

• Responsible for monitoring KRI/KPI and conducting escalation activities for non-compliance to data protection policies, standards, and procedures to various levels of leadership

• Contributes to the optimization, execution, and maintenance of a data security program elements, especially those involving business processes, repeatable methods, automation, controls efficacy, and measurements needed for a viable risk-based data security program (e.g.: KRI/KPI metrics).

• Works with information security management frameworks (i.e., ISO 2700X, NIST CSF, SANS Top 20 Critical Security Controls, etc.)

• Responds both verbally, and in writing, to complex inquiries and new periodic exams from both internal partners (e.g., legal, compliance, audit, risk) and external partners (e.g., regulators, external auditors, third-parties). This also includes prior experience in optimization and execution methods to improve future responses to such inquiries, as well as prior experience providing peer-review of such responses.

• Responsible for the management and tracking of internal and external issues or areas of concerns related to the Data Protection program (e.g.:  audit responses, etc)

• Responsible for managing the content on the Enterprise-wide knowledge and collaboration workspace specifically for the Data Protection program.

• Provides input and support to budget management process.

Minimum:

• Bachelor’s degree or equivalent experience
• Experience managing one or more teams; adapts department plans and priorities to meet short-term service and/or operational objectives
• Experience with Information Security Governance, Risk and Compliance (GRC) teams at both the Enterprise and various business levels
• Expert experience in design, execution and testing of information security internal controls
• Experience conducting or responding to IT Audits (internal and external), as well as regulatory enquiries
• Experience with end-to-end strategic program roadmap development
• Strong analytical and problem-solving skills
• Expert experience with report visualization (Excel, PowerPoint, Tableau, Power BI, etc.)
• Excellent communication skills
• Strong organizational and facilitation skills
• Ability to work autonomously, under pressure, and to prioritize tasks

Preferred:

• CISSP, CISM, or other information security certifications
• Experience with computer languages (SQL Query, Python, etc.)
• Vast working knowledge of Business Process Management
• Experience with KRI/KPI and dashboard reporting development and socialization

Working with Us:

We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and ethical companies. In return, we will support you with your personal and career goals in a number of ways:

Financial – Life Assurance, Disability Plan, Pension/ Gratuity, Annual Pay Review

Work Life Balance – Flexible Work Options, Incremental Annual Leave, Community Volunteer Days

Health & Wellbeing – Private Medical Insurance, Active Sports & Social clubs (lunchtime and after-work groups), Employee Assistance Program

Professional Development – Clear Career Path, Education Assistance, Recognition Programme, NT University (wide range of online, virtual & in-house training options) and employee-led Business Resource Councils dedicated to diversity and inclusion initiatives.

And Finally

We hope you’re excited about the role and the opportunity to work with us.

We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.

We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.