Senior IT Auditor - Cyber

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.  

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

The Senior IT Auditor- Cyber is responsible for conducting and documenting cybersecurity and technology audits throughout the Corporation. This role leads audit projects, which includes providing oversight to the audit project team and communicating results of the engagement to management. The Senior IT Auditor - Cyber provides technical expertise and training to auditors within the engagement audit team and works closely with Audit Managers to confirm the scope of the audit and to devise an appropriate testing approach to be performed during the engagement.

The key responsibilities of the role include:

Leadership and Management
• Establishes and develops strong working relationships and open communications with key stakeholders.
• Provides training, coaching, and auditing expertise to the audit team.
• Accountable for own assignments and holding others accountable for theirs including proactively managing expectations.

Audit Methodology
• Lead internal audit projects related to IT controls, information security / cyber, pre/post system implementation, IT governance, and operational areas to drive consistency of methodology.
• Assists with the development of the audit budget and/or timeframe for how the audit will be completed based on the objective and risk of the areas covered within the engagement.
• Finalizes planning documents and conducts first level review of planning documents as required.
• Coordinates with other audit teams (business unit, regional, and specialist) to ensure evaluations of related areas occur timely and cover key areas within the audit.
• Demonstrates professional skepticism and comfort with questioning how certain processes are being performed in order to facilitate making improvements.
• Reviews the work papers of the audit team members ensuring that departmental standards have been met.
• Maintain technical competence by ongoing training, seeking development opportunities and applying new knowledge to daily work assignments.


Skills/ Qualifications:
The successful candidate will benefit from having:

• Minimum of 3 years of IT auditing and systems experience (or equivalent).
• Knowledge of audit procedures and technical security and control standards usually obtained through related work experience or a four year degree program.
• Solid understanding of IT and Cybersecurity controls (e.g., Configuration Management, Network Security, Identity Access and Authentication).
• Skills as needed to perform testing of design and operational effectiveness of information security and Cybersecurity controls (e.g., Penetration Testing, SecOps, Security Information and Event Monitoring, Data Protection, Vulnerability Management, Insider Threat).
• Understanding of newer technologies (e.g., Containers, Kubernetes, CI/CD) and cloud infrastructure (e.g., AWS, MS Azure) is a plus.
• Skills as needed to perform testing of design and operational effectiveness of application controls (e.g., Interface and Application Security Controls).
• Knowledge of systems software applications and databases common to the mainframe and distributed environments, such as UNIX, iSeries, and Windows is a plus.
• Understanding of networks, routers, and firewalls is also a plus.
• Knowledge and awareness of NIST Cyber Security Framework, FFIEC, and other industry frameworks are a plus.
• Professional certifications (e.g., Certified Information System Audit (CISA), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP)) are a plus.
• Self-starter with an ability to self-motivate; strong organizational and problem solving skills; attention to detail.
• Ability to proactively assess issues, identify solutions and problem solve.
• Strong people management and relationship-building skills with diverse groups and various levels of technology and non-technology personnel.
• Flexibility, multi-tasking, creative thinking, good business judgment skills are required to meet strict deadlines and manage projects .

**Please note that this role may require the successful candidate to travel to other NT locations as required.

Working Model: Hybrid (#LI-Hybrid)
We have a balanced hybrid working model to ensure you get the flexibility you need, and the successful candidate will spend their time between working in the office and working from home.
 

Salary Range:

Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.

Working with Us: 

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater 

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.

 
We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.