The Head of Cyber and Technology Risk

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.

Role/Department:

The Head of Cyber and Technology Risk for NTGS SE is responsible for managing and overseeing technology and cybersecurity risk management within NTGS SE. The role reports to the NTGS Chief Risk Officer and works closely with the broader Enterprise Cyber and Technology risk function.

The role is responsible for maintaining the NTGS SE ICT Risk Management Framework and ensuring it remains compliant with relevant regulation e.g. CSSF, DORA and EU standards and aligned with Northern Trust group policies. In addition, the role monitors and oversees implementation by the relevant technology functions.

The role is designated as a Material Risk Taker (MRT) and requires registration with the CSSF. You will be accountable to provide reporting to the Board and other governance bodies on a periodic basis, as well as being a trusted advisor on technology and security matters to key stakeholders including Authorised Management, the Board and IT management.

The key responsibilities of the role include:

Oversight

• Define, implement, and maintain the NTGS SE ICT Risk Management Framework, ensuring alignment with relevant regulations and group standards.
• Provide oversight of the technology function's compliance with and application of the framework, including its oversight of outsourced activities and third-party ICT providers.
• Prepare reporting and present regularly to NTGS SE governance bodies (Management Board, Risk Committee, Audit Committee) on ICT and cyber risk exposures, emerging risks, and remediation progress.
• Partner with and support the Enterprise Cyber & Technology Risk Management team.

Risk Management

• Oversee the identification, assessment, and monitoring of technology and cybersecurity risks across NTGS SE.
• Support the ongoing enhancement of NTGS SE's cyber and technology risk management practices through continuous risk reporting improvements and integration of regulatory changes.
• Support the evaluation and implementation of new regulatory developments impacting ICT and cyber risk.

Strategic Leadership

• Act as a key stakeholder for technology and cybersecurity risk matters within NTGS SE, representing the entity to regulators, auditors, and other external stakeholders.
• Be a trusted advisor to and be comfortable challenging 1LoD, technology, and business executives on ICT matters.
• Partner with senior management to embed ICT and cyber risk management into strategic planning and operational resilience programs

Skills and Qualifications:

The successful candidate will benefit from having:

• The ideal candidate will have extensive experience in cybersecurity, ICT risk, or related fields, with extensive experience working in a regulated financial services environment.
• Strong understanding of financial sector ICT and cyber regulatory requirements (DORA, CSSF, EBA,).
• Expertise in cybersecurity and technology risk frameworks (NIST, COBIT, ISO, CIS, CSA).
• Deep knowledge of ICT third-party risk management and operational resilience requirements.
• Professional credentials such as CISSP, CISM, CRISC and CISA is a plus.
• Demonstrated experience leading ICT risk management programs within a risk management and/or control function.
• Proven track record in regulatory engagement and technology risk oversight in Luxembourg or EU-regulated entities.
• Demonstrated experience in presenting to executive management and regulatory bodies.
• Strong analytical ability and consultative skills to influence senior executives and governance bodies.
• Excellent communication skills with the ability to translate complex ICT risks into business-relevant insights.
• Proven ability to manage cross-border risk oversight while aligning with group policies and local entity requirements.

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve Join a workplace with a greater purpose.

We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at

.

We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.

About Our Luxembourg Office

In 2024, the Northern Trust Luxembourg office celebrated their 20th anniversary, an important chapter in their history. Having opened in 2004 to support one client, they have since grown their client base substantially and increased their headcount significantly, which now stands at over 400.

From modern fully equipped meeting rooms to a vast canteen with a view over a vegetable garden, maintained by our team all year round, and a rooftop where beehives have been installed, this space is truly a source of pride for our team.

Learn more.