Northern Trust
Financial Services
SrLead,CyberSecITRiskM
Neural analysis suggests this role is
optimal for Lead candidates.
“Sr Lead, Cyber Sec IT RiskM at Northern Trust. Skills: Data security risk, Data Protection program, Cybersecurity, Risk management. Modernize data security risk management. Improve processes”
What You'll Achieve.
Reduce risk through standardization; Reduce risk through automation; Reduce risk through preventative design; Strengthen operating efficiency; Reduce audit rework
Industry & Context.
Analytical skills; Root cause analysis
What They're Looking For.
Must Have
Bachelor's degree in Information Security, Computer Science degree, Engineering degree, Equivalent relevant experience, Experience partnering across functions, Enterprise and business-unit experience, Working knowledge of security frameworks, Experience supporting audits, Experience responding to regulatory engagements, Familiarity with enterprise GRC platform, Design and operationalize evidence frameworks, Experience in process design, Workflow optimization experience, Governance standardization experience, Design scalable operating models, Experience implementing control monitoring frameworks, Analytical skills, Experience developing KPIs/KRIs, Experience developing governance artifacts, Experience with enterprise content management tools, Ability to influence stakeholders, Ability to drive alignment, Ability to operate autonomously, Ability to prioritize effectively
Nice to Have
CISSP certification, CISM certification, CISA certification, CRISC certification, Equivalent certifications, Experience with cloud platforms, Experience with infrastructure as code, Experience with CI/CD pipelines, Experience with scripting languages, Experience with data languages
What You'll Do.
Modernize data security risk management
Standardize frameworks
Shape data security strategy
Execute enterprise-wide processes
Drive governance strategy
Drive performance strategy
Lead KPI/KRI development
Optimize operational processes
Ensure high-quality delivery
Strengthen program maturity
Evolve program to proactive model
Reduce risk through standardization
Reduce risk through automation
Reduce risk through preventative design
Strengthen operating efficiency
Remove obstacles for engineers
Support broader Data Protection work
Drive continuous improvement
Improve reporting capabilities
Improve measurement capabilities
Lead operating model design
Align risk frameworks
Align control frameworks
Align compliance frameworks
Eliminate duplication across processes
Eliminate fragmentation across processes
Maintain governance strategy
Maintain reporting frameworks
Maintain maturity models
Maintain operating procedures
Design evidence frameworks
Implement evidence frameworks
Ensure controls supported by evidence
Establish linkage between risks
Establish linkage between controls
Establish linkage between metrics
Establish linkage between evidence
Demonstrate control effectiveness
Support successful control testing
Support regulatory review
Support external assessments
Identify process gaps
Identify workflow gaps
Implement process improvements
Implement workflow improvements
Develop governance processes
Improve governance processes
Develop monitoring processes
Improve monitoring processes
Meet internal requirements
Meet regulatory requirements
Ensure consistent execution
Ensure high-quality execution
Ensure documentation quality
Ensure evidence quality
Ensure metrics measure control effectiveness
Ensure metrics measure risk reduction
Oversee dashboard development
Oversee reporting package development
Oversee governance artifact development
Review executive reporting
Approve executive reporting
Review committee materials
Approve committee materials
Review operational dashboards
Approve operational dashboards
Represent Data Protection Governance
Provide advisory support
Drive adoption of data protection practices
Improve awareness across enterprise
Oversee exception management
Support RCSA activities
Support related activities
Provide functional leadership
Ensure consistency in execution
Ensure consistency in documentation
Ensure consistency in evidence quality
How You'll Work.
Team & Collaboration
Cross-functional teams; Risk, Audit, Engineering; Business functions
Communication Scope
Translate complex concepts; Clear outputs; Actionable outputs
Process & Methodology
Agile, Scrum
Full Job Description
**_About Northern Trust:_** Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service. **Role Summary:** This is a high‑impact individual contributor responsible for modernizing how the firm manages data security risk through improved processes, automation, and standardized frameworks. The role requires strong techno‑functional cybersecurity expertise, experience shaping data security strategy, and hands‑on execution of enterprise‑wide processes. Within the scope of the Data Protection program, he Senior Lead drives governance and performance strategy, leads KPI/KRI development, optimizes operational processes, and ensures high‑quality delivery across policies, controls, reporting, and compliance activities. The role further contributes to issue management, audit and regulatory responses, and creation of enterprise knowledge content to strengthen program maturity. The Senior Lead is expected to evolve the program from reactive, exception‑driven operations to a proactive, control‑driven model that reduces risk through standardization, automation, and preventative design. Overall, this role strengthens operating efficiency and removes obstacles so engineers can focus on building controls that protect our Partners and Clients. This role also supports broader Data Protection work as part of a one‑team, unified effort. Success in this role requires strong analytical and communication skills and the ability to bring clarity to ambiguous work in a matrixed organization. The Senior Lead
Applying for this Sr Lead, Cyber Sec IT RiskM role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Northern Trust?
Real rants from real employees. Read before you apply.