Chicago, IL
About Northern Trust
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.
The function of the Director, Protection Role will be to define and implement a management framework for all Data Security of Northern Trust. The role will report to the Global Head of Identity and Access Management (IAM) and Data Protection, ensuring formulation and execution of strategic roadmaps related to 1st line of defense Data Security governance practices. The role will also be responsible for Data Security governance policy, standards and control adherence and serve as principal partner in strengthening and maintaining productive alliances with 2nd and 3rd line of defense challenge teams. Additionally, this position will manage a team that will align with business, technology, information security and other corporate teams to establish and strengthen adoption of data protection practices, standards and controls. As a primary Data Protection leader, the selected candidate will partner with enterprise architecture, engineering, operations and program teams to ensure that the data protection strategies and roadmaps are in alignment with other security capabilities.
Role/ Department
As part of Northern Trust's Global Data Protection Program, the Director for Data Protection will lead a team responsible for data security monitoring, security incident identification, incident prioritization, incident escalation and directed response support functions. The director will play a crucial role in leading Northern Trust's security monitoring model, contributing to a resilient and unified team that improves NT's ability to protect and defend its information.
Responsibilities
Manages the department that develops and administers solutions that meet system expectations relative to scalability, performance, fault tolerance, usability, and data integrity for the Data Protection Program. This program is responsible for the identification, analysis, and mitigation of risks related to data and information at rest, in motion, and in use across IT systems or networks and delivering solutions that meet end user expectations relative to performance, usability and security.
Uses specific knowledge of a discipline to achieve goals through managing a team of professional engineers, analysts and program managers. Has specific knowledge or expertise typically gained through formal education or equivalent experience. Uses expertise to provide guidance to others as a project manager or consultant. Requires in-depth conceptual and practical knowledge in data protection and basic knowledge of related job disciplines across information security. Solves complex problems. Works in a team and receives minimal guidance. May lead enterprise project leaders or project steps within a broader project or may have accountability for on-going activities or objectives across the enterprise. Acts as a resource for colleagues in leading others and for management expertise.
Major Duties
Works with department leads and external teams to develop the data security strategy and plan and ensures objectives are met based on business priorities. Provides leadership and guidance to staff, fostering an environment that encourages employee participation, teamwork, and communication. Layout strategy for Data Protection Program and associated operations to define standards, discover and protect data. Interfaces frequently with information security industry groups to stay abreast of emerging security trends Seasoned multi-disciplinary leader with extensive technical and / or business knowledge and functional expertise Focus of role is on execution of strategic direction of business function activities Carries out complex initiatives involving multiple disciplines and/or ambiguous issues Displays a balanced, cross-functional perspective, liaising with the business to improve efficiency, effectiveness and productivity Helps establish overall enterprise data protection strategy by aligning business processes, IT software and hardware, local and wide area networks, people, operations, and projects with the organization's overall security strategy Evaluates proposals to determine if proposed data security solutions effectively address enterprise requirements, as detailed in solicitation documents Identifies alternative functional data security strategies to address organizational IT security concerns Interprets and/or approves security requirements relative to the capabilities of new information technologies Leads and aligns IT security priorities with the organizations mission and vision Manages the monitoring of external threat intelligence data sources to maintain enterprise situational awareness Assists in monitoring and evaluating the effectiveness of the enterprises information security safeguards to ensure they provide the intended level of protection Helps provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to appropriate senior management
Knowledge/Skills
- Excellent oral and written communication skills are required.
- Highly flexible and adaptable to change.
- Extensive leadership knowledge of information security management frameworks (i.e., ISO 2700X, NIST CSF, SANS Top 20 Critical Security Controls, etc.)
- Knowledge of information assurance principles, information security program management and project management principles and techniques
- Knowledge of RCSA and PRCI frameworks
- Experience in a highly regulated environment, specific experience with FFIEC, OSFI, PCI-DSS, SOX preferred.
- Knowledge of what constitutes a threat to a network and knowledge of incident response and handling methodologies.
- Knowledge of network architecture concepts including topology, protocols, and components and network management principles, models, and tools
- Knowledge of network security architecture, including the application of Defense-In-Depth principles, Principle of Least Privilege and knowledge of network traffic analysis methods
- Knowledge of server and client operating systems
- Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems
- Excellent analytical skills.
- Ability to communicate security and data governance related concepts to a broad range of technical and non-technical staff both verbally and in writing.
- Ability to manage multiple tasks simultaneously and meet established deadlines.
- Ability to collaborate with all IT teams on security-related incidents, tasks and projects.
- Ability to work productively while remote and communicate effectively in a virtual team environment.
- Ability to stay current with new technology. Extensive knowledge of protection solutions and technologies for Data Loss Prevention (DLP) Experience implementing and managing data loss prevention (DLP) solutions. Experience with DLP for Windows, Linux, Mac operating systems.
- Experience with DLP in multi -Cloud environments. Experience utilizing security and data governance best-practices to for DLP solutions. 8+ years Information Security experience.
- 6+ years of experience with technologies to support Agile &/or Scrum methodologies.
Experience Required
- A College or University degree and/or relevant proven work experience in the area of Information Security is required.
- Industry certification such as CISSP, CISM, CISA, GIAC is preferred.
Working with Us
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at
We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.
Apply today and talk to us about your flexible working requirements and together we can achieve greater.