Develop and implement security frameworks: Identify, develop, and implement security processes, standards, and policies that align with Datacom’s Information Security Plan and strategic objectives.
Collaborate across business units: Work closely with internal teams to ensure the consistent application of security controls that meet Datacom and business requirements.
Regulatory and framework compliance: Ensure adherence to both the Australian Government Information Security Manual (ISM) and Protective Security Policy Framework (PSPF), as well as the New Zealand Information Security Manual (NZISM) and Protective Security Requirements (PSR), across Datacom’s internal and client environments.
Continuous improvement and assurance: Lead ongoing auditing, monitoring, and enhancement of security controls, including the development and maintenance of Threat and Risk Assessments (TRA), System Security Plans (SSP), and Security Risk Management Plans (SRMP).
ISO 27001 and ISMS maturity: Apply your deep knowledge of the ISO/IEC 27000 series to support the design, implementation, and continual improvement of our Information Security Management System (ISMS).
Essential 8 compliance: Lead and maintain organisational compliance with the Australian Cyber Security Centre (ACSC) Essential 8 maturity model, ensuring effective implementation, measurement, and uplift of mitigation strategies across Datacom’s environments.
SOC 2 Type 2 compliance: Oversee and coordinate activities to maintain SOC 2 Type 2 certification, including evidence collection, control testing, audit readiness, and continuous improvement of internal security and privacy controls.
GRC tooling and automation: Leverage and optimise GRC tooling, preferably Vanta, to automate evidence collection, track control performance, and manage risk and compliance workflows efficiently.
Security awareness and enablement: Provide guidance, education, and training to improve understanding of security policies, processes, and technologies across teams, fostering a strong culture of compliance and accountability.
Requirements
Extensive experience in information security, audit, assurance, governance, risk or compliance and a sound understanding of information security principles, policies and standards
Previous experience with stakeholder engagement with a strategic and strategy focus
Experience with and good understanding of IRAP
The GRC Advisor must have a detailed knowledge of agency-specific and Australian Government protective security policy, principles, and minimum standards, and be provided with opportunity to maintain this knowledge
Understanding of contract deliverables and obligations
Some technical knowledge to make informed decisions about business risks from vulnerabilities
Ideally, you will be industry certified and may even hold a CISSP, CISM, MS or equivalent certifications.
Experience in developing and administering an information security program (desirable).
Compliance Consultant advising business partners on Compliance programs and applicable regulations at Northern Trust. Engaged in risk assessments and providing guidance to senior management.
Regulatory Assurance Specialist at Northern Trust managing global regulatory assurance projects and ensuring compliance with regulations and standards. Engage with leaders and regulators to enhance compliance strategies.
(Senior) Regulatory Affairs Consultant managing regulatory submissions for various clients at Parexel. Collaborating with stakeholders and ensuring high-quality work for client satisfaction.
Chief Compliance Officer overseeing compliance for Huntington’s Investment Banking and Wealth Management divisions. Managing regulatory compliance, supervising teams, and supporting business integration across segments.
Lead Consultant in Data Privacy & Compliance guiding clients on privacy law. Develop services and manage a team at Cloud Nine Digital specializing in data solutions.
Compliance & SOX Professional driving compliance processes and collaboration with international teams in Frankfurt. Shaping standards and solutions within a dynamic work environment.
Legal Expert in Listings & Regulatory Services handling securities processes at Deutsche Börse Group. Evaluating compliance and engaging in market development projects.
Senior Director/Vice President of Regulatory Affairs at biopharmaceutical company Korro. Overseeing regulatory strategies for clinical development and commercial pipelines with global health authorities.
Compliance Analyst role integrating the compliance team at Azul Airlines located in Barueri. Responsible for monitoring the Ethics Channel and supporting internal audits and training programs.
Working student in Compliance for the AML team at PAVIS GmbH. Supporting research and adherence to compliance requirements for national and international clients.