Northern Trust
Financial Services
Cyber Purple Team Operator
Neural analysis suggests this role is optimal for Mid candidates.
“Cyber Purple Team Operator at Northern Trust. Skills: Purple teaming, Adversary simulation, Threat intelligence, Cybersecurity. Perform intelligence led adversary simulation exercises. Provide recommendations for improving controls”
What You'll Achieve.
Improve overall defenses; Improve detections; Improve security posture; Ensure remediation efforts
Industry & Context.
Identify cybersecurity gaps; Identify gaps in processes; Identify gaps in technology; Evaluate existing security controls; Root cause analysis
Authorized to work in U.S., No visa sponsorship
What They're Looking For.
Must Have
3+ years in cybersecurity, Hands-on experience in purple teaming, Hands-on experience in red teaming, Hands-on experience in blue teaming, Understanding of MITRE ATT&CK framework, Experience with Python, Experience with PowerShell, Experience with Bash, Understanding of cybersecurity principles, Understanding of SIEM, Understanding of IDS/IPS, Understanding of EDR solutions, Experience with Offensive Security tools, Experience with Purple Team tools, Experience with Breach and Attack Simulation tools, Practical experience using AI APIs, Experience attacking cloud environments, Experience defending cloud environments, Understanding Active Directory, Understanding Entra ID, Understanding modern authentication protocols, Understanding of OSI model, Understanding of networking concepts, Understanding of TCP/IP, Understanding of DNS, Understanding of TLS, Custom payload development for EDR evasion
Nice to Have
OSCP certification, OSEP certification, OSCE certification, CRTO certification, CRTP certification, GDAT certification, GCDA certification
What You'll Do.
Perform intelligence led adversary simulation exercises
Provide recommendations for improving controls
Provide recommendations for improving defenses
Assist Security Operations to test detection
Assist Security Operations to improve detection
Assist Security Operations to test logging
Assist Security Operations to improve logging
Assist Security Operations to test SIEM use cases
Assist Security Operations to improve SIEM use cases
Assist Security Operations to test incident response playbooks
Assist Security Operations to improve incident response playbooks
Translate technical findings into actionable risk metrics
Stay up to date on latest attack TTPs
Identify gaps in processes
Identify gaps in technology
Evaluate existing security controls
Develop reports with technical findings
Develop reports with risk ratings
Develop reports with strategic recommendations
Maintain custom tools
Maintain custom scripts
Lead post exploitation reviews
Ensure remediation efforts
Maintain team's tooling infrastructure
Improve team's tooling infrastructure
Enhance log ingestion strategies
How You'll Work.
Team & Collaboration
Security Operations team; Executive shareholders
Communication Scope
Translate technical findings; Actionable risk metrics; Executive shareholders; Technical findings reports; Strategic recommendations reports
Full Job Description
**_About Northern Trust:_** Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

Position Overview:

The Purple Team operator will play a crucial role in our cybersecurity team by planning and executing threat actor emulations to assess Northern Trust’s exposure to the latest techniques, tactics and procedures. The ideal candidate will be responsible for developing, planning, and executing advanced intelligence-led adversary simulations to identify cybersecurity gaps to improve overall defenses and detections. This role requires a deep understanding of threat actor tactics, techniques, and procedures (TTPs), and a passion for defending against evolving cyber threats.

Key Responsibilities:

* Perform intelligence led adversary simulation exercises.
* Provide recommendations to the security operations team for improving controls and defenses based on adversary simulation exercises.
* Assist Security Operations to continuously test and improve detection, logging, SIEM use cases, and incident response playbooks.
* Bridge the communication gap by translating technical findings into actionable risk metrics for executive shareholders.
* Staying up to date on the latest attack tactics, techniques, and procedures (TTPs) used by threat actors.
* Continuous improvement of the bank’s security posture by identifying gaps in processes and technology and evaluating existing security controls.
* Develop reports that include technical findings, risk ratings, and strategic
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.