Job Description

Serve as the POC for everyday Patching and Vulnerability Functions in the Infrastructure Engineering a nd Ope r ations organization across the Infrastructure towers Serve as key liaison and spokesperson during a n y risk and control meetings for any Infrastructure tower as per patching and vulnerability remediation , as soon as a threat has been identified and facilitating communications between Northern Trust groups Have or acquire an in depth understanding of the different moving parts and functions involved in the vulnerability remediation process especially as involves Infrastructure components Represent the Infrastructure towers in Risk Control with IT Leadership and operational committees to communicate the status, capabilities, and issues of the infrastructure organization Apply broad technical knowledge to provide remediation guidance across several of the technology areas Integrate technical control expertise and business understanding to coordinate / envision superior solutions for the infrastructure components Maintain an effective technical network across the Control community, ITOC, technical SMEs and architects for multiple service areas Analyze high volumes of vulnerabilities across individual towers requiring special attention Ingest and communicate vulnerability metrics with the greater Infrastructure team and Executive Management to allow for data-driven risk management Issue Management - Validate accuracy of vulnerability record s to be uploaded to ServiceNow Ensure responsible vulnerability o wners provide regular status updates in ServiceNow and escalate to accountable owner(s), as needed Support Management in providing timely information on status to key stakeholders (CIO, CTO etc . ) and obtain necessary approvals Support Management in monitoring issues with upcoming due dates (30 - 60 - 90 days), communicating and validating on progress to ensure transparency on status and vulnerability resolution Escalate any vulnerability downgraded to at risk within 90 days of due date to Management Facilitate deferral and extension process with formal notification and approvals (where needed) to appropriate accountable owners Review and validate evidence for closure of issues to ensure conditions for closure are met; document validation conclusion in vulnerability tickets Share key insights and learnings from participation in Infrastructure meetings to share with management As a partner at Northern Trust, you must actively manage and mitigate risk and act with integrity. In accordance with our core values of service, integrity, and expertise , you are expected to: Adhere to all applicable risk management programs, policies, and procedures Complete all mandatory training by the deadline Understand how your behavior could expose Northern Trust, its clients, and financial markets to different types of risk Ensure that Northern Trust or its clients are not exposed to inappropriate or excessive risk Escalate any risk concerns, including those resulting from mistakes / errors to a manager or business unit risk officer Exercise diligence regarding cyber-security Cooperate with internal control functions (including first-line Control, Risk, Compliance, Audit, self-assigned, etc.) and applicable regulatory bodies Avoid conflicts of interest or behaviors that might produce unfair outcomes for Northern Trust or its clients or damage the integrity of financial markets Qualifications Bachelors degree in information technology , Management Information Systems, Computer Science or a related discipline 10 + years as Infrastructure vulnerability and patching operating at enterprise scale Advanced technical problem-solving skills Practical experience in both technology infrastructure and application development architectures Strong system analysis and service development experience Financial or Regulatory domain experience Service Now experience Familiarity with Fusion a plus Knowledge/Skills Well-versed in patching and security industry best practices , tools and regulatory and compliance frameworks Highly motivated, energetic self-starter who takes ownership of issues and drives them to resolution Good organizational skills - manages and prioritizes multiple tasks across different time horizons within deadlines Cooperative, and collegial manner to be able to flex to wide range of stakeholders and in high-stakes situations Strong decision-making skills Strong analytical, problem solving and process re-engineering skills Excellent project management skills; oral and written communication Skills in translating broad strategic intent into tactical plans and directions are essential Applies broad industry knowledge and awareness Negotiates with senior leaders across the business