Infrastructure Security Engineer responsible for integrating security into infrastructure workflows and automating security measures. Collaborating with SRE teams to maintain a secure infrastructure posture.
About the role
- Principal Technology Risk & Control Officer managing technology risk assessments and controls at Northern Trust, a leading financial institution. Collaborating across multiple technology domains to ensure alignment with business objectives and regulatory expectations.
Responsibilities
- Lead technology risk and control assessments across a broad range of domains, including application development, infrastructure, cloud, data, identity and access management, resiliency, third‑party technology services, change management, and technology operations
- Evaluate technology risks throughout system lifecycles, including design, build, deployment, operation, and decommissioning, ensuring alignment with enterprise risk appetite and regulatory expectations
- Provide subject‑matter expertise to support the development, maintenance, and alignment of technology risk, control, and governance standards with industry frameworks and internal policies
- Partner with technology teams to assess control design and operating effectiveness, and to drive timely remediation of technology risk findings from audits, regulatory exams, risk assessments, and internal reviews
- Analyze the impact of technology risks on critical business services, key processes, and customer outcomes , including availability, integrity, resilience, and regulatory compliance
- Participate in major incident, resiliency, and control‑failure events , providing technology risk guidance and contributing to root‑cause analysis and control enhancements
- Support technology risk training, awareness, and advisory activities to strengthen risk ownership and decision‑making across engineering, operations, and delivery teams
- Influence behaviors, resolve conflicts, and foster strong collaboration between technology, risk, and business stakeholders to promote a mature and accountable technology risk management culture
Requirements
- 10+ years of experience in technology, risk management, audit, or control functions covering multiple technology domains such as application development, infrastructure, cloud, data, identity and access management, operations, resiliency, or third‑party technology risk
- Strong experience performing technology risk assessments using recognized risk management frameworks (e.g., NIST, COBIT, ISO, or equivalent)
- Demonstrated ability to assess risk impact, control effectiveness, and residual risk, and to translate technical issues into business‑relevant risk insights
- Proven consultative, analytical, and communication skills with experience engaging senior technology and risk leaders
- Industry certifications (risk, technology, audit, or security) preferred but not required
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related discipline, or an equivalent combination of education and experience supporting complex technology environments
Benefits
- retirement benefits (401k and pension)
- health and welfare benefits (medical, dental, vision, spending accounts and disability)
- paid time off
- parental and caregiver leave
- life & accident insurance
- discretionary bonus program that may include an equity component
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Security Software Engineer supporting software development teams in security lifecycle processes. Creating security concepts and assisting in web application security topics with a modern tech stack.
Intern or apprentice at PCtronics gaining exposure in IT operations, cybersecurity, and automation. Support client onboarding and documentation within a managed IT environment.
Cyber Security Engineer focusing on secure software development and cybersecurity solutions for ADI Global Distribution. Engaging with an international team to enhance software integrity and security practices.
Cyber Security Engineer designing and developing cybersecurity tools and solutions for ADI Global Distribution. Role involves secure software development and cloud engineering to ensure cybersecurity integrity.
Specialist in product security for TIAA focused on maintaining security throughout product lifecycles. Engaging in product development, vulnerability analysis, and team collaboration.
Head of IT, Security & Compliance ensuring the IT infrastructure and compliance at CameraMatics. Leading security initiatives and regulatory obligations in a hybrid work setting.
Security Officer conducting interior and exterior patrols to ensure safety and monitor access in data centers. Collaborating with clients and performing various security duties.
Managing Director for Security and Resilience at Edison Electric Institute overseeing security and resilience operations for electric power system. Leading a team of experts in national security and regulatory processes.
Head of AI Security at Absa developing security frameworks for AI systems. Responsible for safeguarding AI platforms against cybersecurity threats and ensuring secure development practices.