Sr Principal, Cybersecurity Program Governance & Reporting Lead at Northern Trust

Chicago, Illinois, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Financial Services, BankingIndustries

Requirements

Expertise in cybersecurity program governance, reporting, and project delivery methodologies
Strong knowledge of industry frameworks (e.g., Cyber Risk Institute, MITRE ATT&CK, NIST)
Experience in project prioritization scoring methodologies and annual updates
Proficiency in risk and issue management, including thematic analysis and mitigation strategies
Product ownership experience, particularly with PowerBI reporting dashboards for project status, financials, staffing, and milestones
Skills in enterprise change management and organizational change management best practices
Financial management expertise, including capital/expense budgeting, forecasting, and variance analysis
Excellent communication and stakeholder management skills for chairing meetings, executive reporting, and multi-channel communications
Ability to serve as subject matter expert and advisor on project compliance and standards

Responsibilities

Chair bi-weekly meetings with program delivery staff to align priorities, disseminate updates, and conduct knowledge sharing
Direct and oversee creation of executive-level status reports for monthly, quarterly, ad-hoc leadership committees, and regulatory stakeholders
Oversee new project request process, including mapping to strategic goals and frameworks, calculating prioritization scores, and maintaining scoring methodology
Review and advise on new project requests and change controls for leadership review
Chair bi-weekly prioritization meetings and preparatory discussions with stakeholders
Facilitate office hours for identifying risks, issues, and dependencies; analyze themes and recommend improvements to leadership
Develop and provide guidance on risk mitigation strategies and issue resolution
Serve as product owner and SME for PowerBI dashboards; consult on compliance, oversee enhancements/defect resolution, and manage development team indirectly
Consult with Enterprise Change Management and Technology Organizational Change Management teams
Advise project managers on compliance with best practices and standards
Manage internal cybersecurity communication resource and partner on email/multi-channel communications plans
Manage internal cybersecurity technical writing resource for project documentation (scope, requirements, SOPs)
Lead development of capital and expense budget requests
Serve as liaison to finance stakeholders for monthly forecasting and variance review

Skills

Key technologies and capabilities for this role

CybersecurityProgram GovernanceExecutive ReportingProject PrioritizationRisk ManagementIssue ManagementNISTMITRE ATT&CKCyber Risk Institute

Questions & Answers

Common questions about this position

What is the reporting structure for this role?

This role reports directly to the Head of Cybersecurity Strategic Program Delivery.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What salary or compensation is offered for this position?

This information is not specified in the job description.

What key skills and responsibilities are required for this role?

The role requires skills in governance and reporting such as chairing meetings and creating executive status reports, project intake and prioritization using frameworks like NIST and MITRE ATT&CK, portfolio risk and issue management, and serving as product owner for PowerBI dashboards.

What experience makes a strong candidate for this position?

Strong candidates will have expertise in cybersecurity project governance, executive reporting, risk management, project prioritization using industry frameworks like NIST and MITRE ATT&CK, and experience as a product owner for reporting tools like PowerBI.