About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

Role:

This role is part of the Information Security & Data Protection organisation, aligning to Global Information Technology. We operate within a complex landscape driven by client expectations and the vastness/variety that comes with operating in countries across the globe. 

The role is for a Data Protection - Cloud Risk & Remediation Consultant accountable for driving control compliance with policies, standards and targeting prioritized applications/solutions/architectures to reduce risk.

The primary candidate has technical knowledge and experience in Information Security domain involving application security and security risk consultancy focusing on data security within multi-cloud environments.

Key Responsibilities:

Offer guidance, best practices, and support across businesses to drive awareness and understanding of the technology risk and controls framework and challenges to compliance with it.  Develops and administers the solutions and detective controls that meet system expectations relative to scalability, performance, fault tolerance, usability, and data integrity. Delivers solutions that meet end user expectations relative to performance, usability and security for the Data Protection Engineering and Architecture function. Determining operational feasibility by evaluating, analyzing, problem definition, requirements, solution development, and proposing solutions. Collaborating with Enterprise Architecture organization as needed. Reviewing documentation, processes or procedures, and recommends where automation or improvements can be implemented. Operating independently; has in-depth knowledge of business unit/function; accomplishes engineering and organization mission by completing related results as needed. Lead Application risk reviews and assessments, identifying threats, communicating with Application teams and stakeholders to define risk treatment activities. Act as an InfoSec subject matter expert, primarily focused on cloud application security across the Bank’s core technology within Azure & AWS cloud platforms. Maintain specialist knowledge in assigned security processes, systems or frameworks Represent Information Security with Business stakeholders as a trusted advisor, finding pragmatic and cost-effective security solutions that efficiently support customer needs.

Skills & Qualifications:

Experience within Security & Technology experience across a broad range of architectures. Security Architecture experience with hands on experience designing and delivering technology solutions.  Experience in the area of technology risk. Successful candidate is likely to have held roles such as Security Risk Consultant, Risk Consultant, Information or IT Security Risk Manager, IT Audit Manager, IT Incident Manager or Security Analyst.  Extensive experience with cloud technology including, hybrid environments, security from the start design (SSDLC)  Experience conducting architecture reviews to find and evaluate application and infrastructure security risks using Threat Modelling methodologies (e.g. STRIDE)  Extensive experience in developing and implementing detective controls using Regular Expressions etc. Relevant technical qualifications such as CRISC, CISM, CISA, CISSP, AWS Certified Security etc;  Relevant business experience/qualifications/knowledge: Expertise established in assessing and articulating technology and/or security risk in the context of various other operational risks and challenges facing the organization. Information Security subject matter expert in multiple cloud technology areas such as M365, Azure (Identity, Security and Compliance), Wiz, Defender, Azure DevOps, Azure IaaS, SaaS etc. Solid, practical and demonstrable experience of information security (technical and non technical aspects), ideally with an understanding of privacy & Data Management; Able to influence decision making to surface and mitigate issues and risks across a wide range of stakeholders; Positive, collaborative and builds and maintains effective relationship with others Pragmatic, and effectively balances risk and control requirements with commercial drivers; Ability to articulate and document security requirements and risks so that they are accurate, auditable and understandable; Ability to solve problems creatively and effectively Plan, organise and prioritise tasks and projects effectively

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at .

We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.