Expert responsible for developing and administering solutions that meet system expectations relative to scalability, performance, fault tolerance, usability, and data integrity for the Information Security Operations and Architecture function.
The Security Operations and Architecture function includes the Security Incident Response, Vulnerability Management, and Information Security Architecture teams.
Collectively these teams are responsible for the identification, analysis, and mitigation of threats to internal IT systems or networks and delivering solutions that meet end user expectations relative to performance, usability and security.
1. Works with management and the architecture team develop the security strategy and plan and ensures objectives are met.
2. Provides leadership and guidance to staff, fostering an environment that encourages employee participation, teamwork, and communication.
3. Contributes to the Security Incident Response team and communicates incidents to senior management in Information Technology and Corporate Risk Management
4. Specialist on the Vulnerability Management program
5. Interfaces frequently with information security industry groups to stay abreast of emerging security trends
6. Seasoned multi-disciplinary expert with extensive technical and / or business knowledge and functional expertise
7. Focus of role is on execution of strategic direction of business function activities
8. Carries out complex initiatives involving multiple disciplines and/or ambiguous issues
9. Displays a balanced, cross-functional perspective, liaising with the business to improve efficiency, effectiveness and productivity
10. Helps establish overall enterprise information security architecture (EISA) by aligning business processes, IT software and hardware, local and wide area networks, people, operations, and projects with the organization?s overall security strategy
11. Evaluates proposals to determine if proposed security solutions effectively address enterprise requirements, as detailed in solicitation documents
12. Identifies alternative functional security strategies to address organizational IT security concerns
13. Interprets and/or approves security requirements relative to the capabilities of new information technologies
14. Leads and aligns IT security priorities with the organization's mission and vision
15. Manages the monitoring of external threat intelligence data sources to maintain enterprise situational awareness
16. Assists in monitoring and evaluating the effectiveness of the enterprise's information security safeguards to ensure they provide the intended level of protection
17. Helps provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to appropriate senior management
A College or University degree and/or relevant proven work experience in the area of Information Security is required. Industry certification such as CISSP, CISM, CISA, GIAC is preferred.
Knowledge of Information Assurance principles
Knowledge of incident response and handling methodologies
Knowledge of industry-standard and organizationally accepted analysis principles and methods
Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies
Knowledge of network architecture concepts including topology, protocols, and components
Knowledge of network management principles, models, and tools
Knowledge of network security architecture, including the application of Defense-In-Depth principles
Knowledge of network traffic analysis methods
Knowledge of new and emerging IT and information security technologies
Knowledge of Open System Interconnection model
Knowledge of penetration testing tools and techniques (e.g., metasploit, neosploit, etc.)
Knowledge of server administration and systems engineering theories, concepts, and methods
Knowledge of server and client operating systems
Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems
Knowledge of what constitutes a threat to a network
Knowledge of information security program management and project management principles and techniques
For more than a century, Northern Trust has worked hard building our legacy of outstanding service, expertise and integrity. From a Chicago-based bank founded in 1889, we now have more than 20 international locations and 16,500 employees globally. We serve the world’s most-sophisticated clients – from sovereign wealth funds and the wealthiest individuals and families, to the most-successful hedge funds and corporate brands.
We burnished our reputation as a global leader delivering innovative investment management, asset and fund administration, fiduciary and banking solutions enabled by sophisticated, leading technology. And through it all, we continually laid a solid, forward-looking foundation on which future generations can continue growing and achieving greater.
As of June 30, 2017, Northern Trust Corporation had:
•$126 billion in banking assets
•$7.4 trillion in assets under custody
•$9.3 trillion in assets under custody/administration
•$1.0 trillion in assets under management