Cyber Grc Operations Principal

About Northern Trust:
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

Role/ Department:
This role will sit in the newly formed Cyber Governance, Risk and Compliance (GRC) team within Northern Trust’s Technology function (1st Line of Defense), and will focus on the measurement, analysis, oversight and reporting of cybersecurity risks and controls.

As a Global GRC Operations Principal, you will play a key role in delivering NT’s Cyber GRC processes, supporting the identification, assessment and mitigation of cyber security risks across Northern Trust. Within this specialist role you will work closely with your team to execute and continuously improve GRC processes and documentation, driving efficiency and automation. Areas of focus include cyber metrics and controls oversight, thematic analysis of risks and issues, data analytics and automation, and documentation and reporting for various stakeholders.

The key responsibilities of the role include:

- Implement, operate and optimize Cyber GRC processes and framework
- Oversight and maintenance of program documentation, including creation, review cycles and approvals
- Work alongside the Cyber GRC Risk team to support the execution of risk assessment and reporting processes
- Work alongside the Cyber GRC Compliance team to support the execution of assurance processes, including controls oversight, monitoring and reporting
- Work alongside the Cyber GRC Governance team to support the effective operation of cyber governance, reporting, and issue tracking within the firm
- Drive automation, analytics, and continuous improvements of processes for your services and within your team
- Collaborate with senior leadership to integrate cyber risk management practices into all aspects of the organization
- Stay abreast of emerging threats, trends and regulatory changes and ensure that NTs cyber risk services evolve accordingly
- Acts as a resource for direction and development, guiding less experienced staff

Skills/ Qualifications:

- Significant experience and expertise in Cyber Security Risk management and reporting
- Strong expertise in cyber security frameworks, risk management methodologies and regulatory compliance
- Experience with managing large scale cyber risk assessments and mitigation programs across complex environments
- Innovative thinking and adaptability to change
- Strong interpersonal, written and verbal communication skills
- Organizational and communication skills required to coordinate risk related activities with peers and senior executives
- High level of attention to detail
- Relevant certification such as CISSP, CISM, CRISC or similar

Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve Join a workplace with a greater purpose.

Reasonable accommodation


We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.