Sr. Lead- Technology Regulatory Compliance

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

Summary:

The Sr Lead, Technology Regulatory Compliance is responsible for supporting the day-to-day operations of the APAC Technology Regulatory Compliance team and working with risk and control teams in other global sites to establish and maintain a highly effective IT control environment and IT compliance posture. You will report to the Senior Manager of Technology Regulatory Compliance and be part of a dedicated and outstanding team that focuses on promoting control / compliance awareness and appropriately manage compliance risks within the global information technology organization.

Responsibilities:

Responsible to ensure compliance with Technology related regulatory / statutory requirements in the APAC region.

Engage with all 3 LODs and get onboarded on various risk events – risk treatment | risk metrics | major incidents impacting APAC region.

Coordinate both internal and external audit engagements, facilitate evidence gathering requirements, ongoing vetting of issues identified by Internal Audit with Control Owners including appropriate action plans and remediation / milestone dates

Interpret and assess the impact of new and evolving technology regulations in the APAC region.

Serve as a key liaison between internal / external auditors and technology stakeholders.

Advise on how to apply and interpret standards and controls, considering threats, risks, trends across the organization, and compensating controls

Support risk assessment activities serving as a subject matter expert on understanding the risk and providing support in elevating the risk treatment for approval.

Support the Issue Management process – Audit | Regulatory | Self-identified. Review the management action plan proposed by the accountable/responsible technology owner. Challenge and provide advice on audit remediation plans. Facilitate discussion of Technology accountable audit issues at the Issue Remediation Council.

Responsible to Analyse and derive a Legal Entity view of the outcome of technology control assurance program, including control inventory, risk and control (PRC) framework, and align with regulatory requirements in the APAC region.

Leverage automation and analytics to build state of the art compliance environment and continuous control monitoring platform.

Prepare the governance packs, compliance reports/dashboards and metrics for senior leadership in the APAC region.

Setting frameworks and manage technology regulatory compliance operations to ensure adequate reporting and timely response to regulatory exams in APAC regions, including Australia, Singapore, India, China and other regions.

Work with other leaders within Norther Trust’s technology management and three lines of defenses to assist in timely addressing control gaps, identifying potential opportunities for improvement, and advising on control designs for large complex programs (e.g., cloud, API, third-party vendor oversight, data governance).

Influence behaviors to reduce risk and foster a strong technology risk management culture throughout the enterprise.

Knowledge & Skills:

In-depth understanding and experiences of information security, IT regulatory/ statutory compliance, IT audit and/or IT risk management principles.

In-depth understanding of IT risk assessments and control testing. Experiences of GRC systems (e.g., ServiceNow, Fusion etc.) preferred

Experience in automation and data analytics preferred.

Strong collaboration and stakeholder management skills.

Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.

Highly flexible and adaptable to change, technology forward thinking.

Comfortable operating in a dynamic and complex regulatory landscape.

Woking knowledge of tools such as Confluence, Power BI, MS Office suite.

Experience Required:

A bachelor’s degree in engineering, Information Technology, Management Information Systems, Computer Science or a related discipline.

At least 12+years of technology risk management, control functions, audit services experience, or similar experience with transferable skills. Financial Services industry experience is a plus.

Certification in IT Security viz CEH / CISA / CISSP / CISM preferred.