Posted in General Business 5 days ago.
Technology Risk and Information Security - Consultant
Roles and Responsibilities:
This individual's primary day to day responsibilities are mentioned below (but are not limited to these):
•Perform information security risk management processes for new and existing Northern Trust's third parties business partners.
•Should be well versed with contract language, analysis and negotiation process. Responsible for reviewing master services contracts of the third parties to identify information security and related clauses.
•Responsible for working with procurement teams to formulate/renew the contracts as per the information security team guidelines.
•Responsible for documenting, and reporting to management, all findings from risk management processes.
•Collaborate with internal stakeholders & functional teams to ensure that all identified risks within each third party are assigned to business owners and tracked for timely closure.
•Demonstrate some proven knowledge on some of the following domains:
•Information Security Governance and Risk Management
•Security Architecture and Design
•Business Continuity and Disaster Recovery Planning
•Legal, Regulations, Investigations and Compliance
•Physical (Environmental) Security
•Able to interact in a professional manner and develop relationships with individuals and teams at any level in Northern Trust.
•Foster a positive and collaborative environment.
•Demonstrate ability to work well in both an individual contributor and team capacity.
•Rapidly and effectively adapt to a highly dynamic and fast-paced work environment.
•Excellent written and verbal communication skills.
•Able to converse and develop business relationships with individuals and teams at any level within Northern Trust.
•Knowledge of IT Security Domains / Frameworks (e.g., NIST, ISO27001).
•Knowledge of Compliance regulations.
•Understanding of IT Audit process.
•Principle understanding of Technology controls relating to Application and system vulnerabilities,
•Principle understanding of Technology Controls relating to Network and Operating System.
•Knowledge of what constitutes a security "threat" to a large enterprise.
•Bachelor degree in Computer Science or a related discipline and at least seven or more years of experience in the field of Technology Security or an equivalent combination of education and work experience.
•Campus : RDP
•Campus Cycle: 2020-21