Lead, Control Testing Risk (Cyber, Technology and Non-Technology) at Northern Trust

Chicago, Illinois, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Financial Services, BankingIndustries

Requirements

6+ years of experience in IT Audit, Cybersecurity, IT Risk & Control, or related fields
CISSP, CISM, CISA, CRISC, or equivalent certifications strongly preferred
In-depth understanding of cyber and technology risks within the financial services sector
Experience with cloud security, MFA solutions, password management tools, and Secure SDLC practices
Strong analytical, communication, and negotiation skills to handle complex issues and build consensus among stakeholders
Demonstrated ability to guide less experienced team members and effectively manage projects
Proficiency in Microsoft Office 365 and familiarity with risk management/GRC tools (e.g., ServiceNow, Fusion) to streamline issue tracking and remediation

Responsibilities

Test, validate, and enhance control testing methodologies and test procedures, ensuring they remain effective amid evolving cyber and technology threats
Perform 2LOD validation work on complex engagements, including advanced testing plans, detailed workpapers, comprehensive findings, and high-quality reporting to risk committees
Oversee the resolution of complex risk issues, collaborating with various teams to design, implement, and improve controls, aligning with industry standards and regulatory expectations
Conduct in-depth examinations of cyber and non-cyber risk controls, evaluate their design and operational effectiveness, and recommend remediation strategies to leadership
Support second-line governance activities, participating in Risk Identification and Change Initiative Risk Assessment processes, and offering expertise on risk trends and control gaps
Communicate complex operational and technical risk findings to stakeholders in a clear and persuasive manner, working to build consensus and influence remediation efforts
Apply advanced risk assessment knowledge to identify critical risks and controls, informing testing priorities and strengthening risk management strategies
Manage multiple testing initiatives simultaneously, applying strong project management and organizational skills while maintaining flexibility in a dynamic environment
Monitor evolving banking/financial regulatory requirements, ensuring continuous alignment of testing activities with regulatory guidance and industry best practices

Skills

Key technologies and capabilities for this role

Control TestingRisk ValidationCyber RiskTechnology RiskOperational RiskControl DesignControl EffectivenessRemediation StrategiesRisk GovernanceRegulatory ComplianceRisk ReportingRisk Assessment

Questions & Answers

Common questions about this position

What experience is required for this Lead, Control Testing Risk role?

The role requires 6+ years of experience in IT Audit, Cybersecurity, IT Risk & Control, or related fields.

What certifications are preferred for this position?

CISSP, CISM, CISA, CRISC, or equivalent certifications are strongly preferred.

What specific technical knowledge is beneficial for this role?

Candidates benefit from in-depth understanding of cyber and technology risks in financial services, plus experience with cloud security, MFA solutions, password management tools, and Secure SDLC practices.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What is the salary or compensation for this role?

This information is not specified in the job description.