About Northern Trust
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.
To support its continued evolution, Northern Trust is seeking an experienced cybersecurity and technology risk executive to be its Deputy Chief Information Security Officer (CISO).
The ideal candidate will be innovative, intellectually curious, and able to “connect the dots” in order to conceptualize new solutions for the business, drive operational excellence within the security functions and lead key change initiatives. Although this individual will possess a high-degree of creativity, their ability to deliver outcomes and results in a fast-paced, large scale environment is critical to success in this role. In addition, the Deputy CISO will support the CISO working within the operational risk structure of the company including engagement with the Board of Directors.
The Ideal Candidate Will Have The Following Characteristics
- Experienced in leading organizations that operate within complex regulatory environments. Ideally financial services but could also be pharmaceutical, insurance or healthcare.
- Will have a track record of effective risk management in a complex business environment and experience running one or multiple functional teams within an information security program.
- Northern Trust has a strong culture, this individual must be adept at integrating into the culture of the company while bringing fresh external perspectives. Interpersonal relationships and executive presence are essential.
- The ideal candidate has likely been a CISO in a smaller company or is the current number two/three in a large corporate environment.
Key Responsibilities
- Implement and achieve key quality and productivity metrics for security overall with a focus on risk management and performance; ensuring these are benchmarked to industry best practices.
- Represent the information security program effectively with internal lines of defense along with US and International regulatory bodies.
- Drive the strategic prioritization process by aligning business goals with information security resources, identifying the initiatives that are of the highest value to the business, and gaining buy-in for those initiatives.
- Assist in the recruitment, retention and management of an effective information security organization that endorses and supports the values and mission of the company.
- Represent Northern Trust as an innovative thought leader at the executive level of the firm, as well as externally with partners, clients, and industry peers.
- Transform the firm into a data and analytics leader within the financial services industry; identify and implement strategies focused on continuous evolution and innovation.
- Design and lead key change initiatives that are cross functional (security, business, technology) and drive new capability development, efficient execution, and/or significant risk reduction.
Critical Leadership Capabilities
Strategic Thinking
- Translates broad corporate strategies into clear, specific objectives and plans for units and individuals.
- Creates plans that address specific segments or contrasts local market with other locations or segments.
- Informed by an external industry perspective that includes awareness of “over the horizon cyber risk.”
Driving Results
- Works to achieve goals while overcoming obstacles and/or planning for contingencies.
- Reviews performance and progress on a regular basis to ensure team is achieving results. Benchmarks own performance against industry best practices for security.
- Tests to see if goals are sufficiently challenging and implements corrective action based on deviations.
Collaborating and Influencing
- Will bring a passion to change the culture within the technology organization alongside an ability to enter a culture where influence and collaboration is critical to driving change constructively.
- Negotiates with a genuine give-and-take approach and decisions are shared.
- Spends time identifying all stakeholders necessary and meets or connects with all of them, neglecting no one to shape a collective consensus.
- Identifies opportunities to build relationships that will help others achieve their objectives and reaches out to those people or new people.
Building People Capability
- Serves as a talent magnet for Northern Trust.
- Dedicates time and energy to maintaining and growing followership of high-caliber, highly motivated talent.
- Gives critical feedback in behavioral terms and discusses suggestions for improvement.
- Uses existing institutional programs and brings new practices and strategies to support employees’ career growth in individual ways.
Critical Execution Capabilities
Technical Expertise
- Proven experience leading one or multiple functional areas within a cybersecurity or information security function, such as Security Operations, Security Architecture, Vulnerability Management, Security Engineering, Threat Hunt and Analytics.
- Demonstrated proficiency in areas such as information policy formulation, information security management, business risk management, IT risk assessment and management, IT continuity management, IT governance formulation, organizational change management, IT financial management, and IT audit.
- Knowledge and experience working with frameworks such as NIST, ISO, FedRAMP, and a strong grasp of security principles such as zero trust and critical security controls.
- Up-to-date knowledge of methodologies and trends in information security, risk management, cybersecurity technologies, as well as business and IT.
Communication Skills
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences at various hierarchical levels, ranging from board members to technical specialists.
- Ability to communicate complex technical issues to diverse audiences in an easily understood, authoritative, and actionable manner.
Decision Making
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- Ability to make timely and sound decisions based on available data and analysis.
- Influence: An ability to effectively influence others and decisions without direct authority or where no formal reporting structures exist.
- Ability to build consensus and gain buy-in for security initiatives across the organization.
Analytical Skills
- Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
- Ability to analyze complex information and data, identify trends and patterns, and develop insights and recommendations.
Required Experience
- At least 8 years of professional experience in running an information security function, including defining information security strategy, analyzing, and applying information security risk, risk management and privacy practices, preferably in financial or banking industry.
- At least 10 years of relevant work experience, including consulting and general industry experience.
- A bachelor's degree in a computer-related field or equivalent work experience.
Salary Range
$189,400 - 99,999,999 USD
Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.
Working With Us
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.
We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.
Apply today and talk to us about your flexible working requirements and together we can achieve greater.
