Cybersecurity GRC Compliance Principal at Northern Trust

Chicago, Illinois, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Financial ServicesIndustries

Requirements

Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field
Minimum of 10 years of experience in cybersecurity, with a focus on assurance or audit
Extensive knowledge of cyber regulations, risk management frameworks, and methodologies
Proven experience in technical leadership roles, influencing executive stakeholders
Strategic thinker with a strong understanding of cyber threats, vulnerabilities, and risk mitigation options
Innovative thinker and adaptable to change
Exceptional communication and presentation skills, capable of translating technical risk into business terms
Excellent analytical, problem-solving, and decision-making skills
Relevant certifications such as CISSP, CISM, CRISC, or similar

Responsibilities

Lead the technical direction and development of cyber compliance and assurance initiatives, providing expert guidance and support
Act as a central point of coordination and subject matter expert for cyber controls information and evidence requests, including SOC2 and SOX testing and reporting for all cyber controls
Interface with Internal Audit for all cyber audits, providing expertise, consolidation, and coordination
Facilitate the production of information and evidence on cyber controls for regulatory requests
Facilitate the production of information and evidence on cyber controls for client requests, supporting new client revenue generation and existing client retention
Oversee and ensure adherence to all cyber-related regulatory requirements in all jurisdictions globally in which Northern Trust operates, leading action to address new requirements
Provide oversight, tracking, analysis, and reporting of all cybersecurity issues and findings to ensure timely, complete, and compliant remediation
Proactively work with the broader Cybersecurity team to ensure new products, services, and processes are built and operated in a controlled and compliant manner
Engage with a range of senior stakeholders across Lines of Defense to ensure cybersecurity regulations and internal control requirements are well understood and embedded in business and technology practices

Skills

Key technologies and capabilities for this role

CybersecurityGRCComplianceSOC2SOXInternal AuditRegulatory ReportingControls AssuranceStakeholder ManagementRisk Management

Questions & Answers

Common questions about this position

What education and experience are required for this role?

A Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field is required, along with a minimum of 10 years of experience in cybersecurity focused on assurance or audit, plus extensive knowledge of cyber regulations.

What are the key responsibilities of the Cybersecurity GRC Compliance Principal?

The role involves leading cyber compliance initiatives, coordinating controls information for SOC2, SOX, audits, regulators, and clients, overseeing global regulatory adherence, tracking cybersecurity issues, and engaging senior stakeholders.

What is the salary or compensation for this position?

This information is not specified in the job description.

Is this role remote or does it require office work?

This information is not specified in the job description.

What skills make an ideal candidate for this position?

The ideal candidate combines deep subject matter expertise in cybersecurity and assurance (audit or compliance), with exceptional communication and stakeholder management skills.