Northern Trust
Lead, IT Risk Management - Issue Management / Value Chain Assessments
Northern Trust, Chicago, Illinois, United States, 60290
About Northern Trust:
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.
You will work with Northern Trust's Technology Risk and Control team to support the regular operations of the Technology Risk & Control Issue Management program. You will support the development of materials for presentation to executive Technology leadership, including interacting with partners across Technology to obtain updates on risk related remediation projects, running reports, creating/validating key data, and deriving risk-based insights on the data to prompt actions by leadership. You will also support the lifecycle of process improvement from brainstorming requirements to developing solutions, to creating communication/training material/job aids to support the changes.
Additionally, you will be engaged in an enterprise initiative on identifying resiliency vulnerabilities for important business services (IBS). This effort will include data gathering, workshop facilitation, results presentation and consensus building, and tracking of identified vulnerabilities. This is a new area of focus with strong ties to business continuity and disaster recovery domains.
You will be part of a dedicated and outstanding team that focuses on promoting control awareness and properly manage risks within the global information technology organization.
Responsibilities
Issue Management:
Support the Issue Management process owner in managing the program operations and develop/implement strategic direction for the process Provide project management, leadership, and oversight in the development and implementation of process and tool enhancements to the Technology Risk and Control Issue Management program Develop and administer training program for risk and control staff, the Technology department, issue source owners, and business stakeholders Manage daily operational activities including meeting presentation materials, issue review meetings, documenting/tracking follow-ups, and status reporting Hold control officers accountable to process requirements Continuously monitor the effectiveness of the process and determine appropriate process improvements and maturity development opportunities Be the face of the Technology issue management program; liaise with stakeholders on integration or potential expanded usage of the program and tool Ensure appropriate escalation and handoffs to the risk treatment program and leadership committees Facilitate governance committees, working groups and stakeholder meetings as a trusted risk and control advisor within the scope of issue management Collaborate with 2nd line of defense staff on aggregated risk measurement and analysis; take appropriate action on results to address identified risk areas or deficiencies Influence behaviors to reduce risk and foster a strong technology risk management culture throughout the enterprise
Value Chain:
Collaborate with both business and technology system owners and other relevant departments to ensure alignment on resiliency strategies Facilitate workshops to identify potential resiliency vulnerabilities and control weaknesses Present workshop results to drive consensus with key stakeholders Collaborate and advise leaders on creating action plans for identified resiliency vulnerabilities Lead the development and maintenance of the technology resiliency vulnerability assessment process and documentation Work with other teams to ensure that resiliency vulnerability assessments and results are integrated into appropriate aspects of day-to-day operations
Qualifications Strong working knowledge of the inherent cyber and resiliency risks in the financial services industry In-depth understanding and experiences of information security, risk assessments, security risk management principles Experience with risk treatment and issues management functions and industry tools to support the program (i.e., ServiceNow) Excellent analytical skills, with the ability to identify problems, develop and communicate strategic solutions Organizational and communication skills required to coordinate risk related activities with peers and senior executives Ability to quantitatively measure and assess risks Strong understanding of data analytics and related tools including Power BI Advanced Microsoft Office 365 skills Strong knowledge of operational resiliency including disaster/business recovery, business continuity management, corporate risk policies and standards Compelling written and verbal communicator, with the ability to adjust communication style to audience need when explaining complex situations; proven track record in presenting to senior management Strong Stakeholder Management Self-motivated individual operating with minimal oversight Your Employment Experience
A Bachelor's degree in a related technical field or equivalent practical experience 7+ years of IT experience to include but not limited to: Cyber and Business Resilience, Cybersecurity, Risk Management, IT Risk and Control, and/or IT Audit CRISC, CISM, CISA, CISSP, or equivalent certifications highly preferred
Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.
We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.
Apply today and talk to us about your flexible working requirements and together we can achieve greater.
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.
You will work with Northern Trust's Technology Risk and Control team to support the regular operations of the Technology Risk & Control Issue Management program. You will support the development of materials for presentation to executive Technology leadership, including interacting with partners across Technology to obtain updates on risk related remediation projects, running reports, creating/validating key data, and deriving risk-based insights on the data to prompt actions by leadership. You will also support the lifecycle of process improvement from brainstorming requirements to developing solutions, to creating communication/training material/job aids to support the changes.
Additionally, you will be engaged in an enterprise initiative on identifying resiliency vulnerabilities for important business services (IBS). This effort will include data gathering, workshop facilitation, results presentation and consensus building, and tracking of identified vulnerabilities. This is a new area of focus with strong ties to business continuity and disaster recovery domains.
You will be part of a dedicated and outstanding team that focuses on promoting control awareness and properly manage risks within the global information technology organization.
Responsibilities
Issue Management:
Support the Issue Management process owner in managing the program operations and develop/implement strategic direction for the process Provide project management, leadership, and oversight in the development and implementation of process and tool enhancements to the Technology Risk and Control Issue Management program Develop and administer training program for risk and control staff, the Technology department, issue source owners, and business stakeholders Manage daily operational activities including meeting presentation materials, issue review meetings, documenting/tracking follow-ups, and status reporting Hold control officers accountable to process requirements Continuously monitor the effectiveness of the process and determine appropriate process improvements and maturity development opportunities Be the face of the Technology issue management program; liaise with stakeholders on integration or potential expanded usage of the program and tool Ensure appropriate escalation and handoffs to the risk treatment program and leadership committees Facilitate governance committees, working groups and stakeholder meetings as a trusted risk and control advisor within the scope of issue management Collaborate with 2nd line of defense staff on aggregated risk measurement and analysis; take appropriate action on results to address identified risk areas or deficiencies Influence behaviors to reduce risk and foster a strong technology risk management culture throughout the enterprise
Value Chain:
Collaborate with both business and technology system owners and other relevant departments to ensure alignment on resiliency strategies Facilitate workshops to identify potential resiliency vulnerabilities and control weaknesses Present workshop results to drive consensus with key stakeholders Collaborate and advise leaders on creating action plans for identified resiliency vulnerabilities Lead the development and maintenance of the technology resiliency vulnerability assessment process and documentation Work with other teams to ensure that resiliency vulnerability assessments and results are integrated into appropriate aspects of day-to-day operations
Qualifications Strong working knowledge of the inherent cyber and resiliency risks in the financial services industry In-depth understanding and experiences of information security, risk assessments, security risk management principles Experience with risk treatment and issues management functions and industry tools to support the program (i.e., ServiceNow) Excellent analytical skills, with the ability to identify problems, develop and communicate strategic solutions Organizational and communication skills required to coordinate risk related activities with peers and senior executives Ability to quantitatively measure and assess risks Strong understanding of data analytics and related tools including Power BI Advanced Microsoft Office 365 skills Strong knowledge of operational resiliency including disaster/business recovery, business continuity management, corporate risk policies and standards Compelling written and verbal communicator, with the ability to adjust communication style to audience need when explaining complex situations; proven track record in presenting to senior management Strong Stakeholder Management Self-motivated individual operating with minimal oversight Your Employment Experience
A Bachelor's degree in a related technical field or equivalent practical experience 7+ years of IT experience to include but not limited to: Cyber and Business Resilience, Cybersecurity, Risk Management, IT Risk and Control, and/or IT Audit CRISC, CISM, CISA, CISSP, or equivalent certifications highly preferred
Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.
We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.
Apply today and talk to us about your flexible working requirements and together we can achieve greater.