About Northern Trust:
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.
Role Summary
Seeking a Principal‑level individual contributor to lead the secure enablement of Microsoft 365 Copilot and enterprise AI capabilities within Northern Trust's Cyber Team.
This role owns the end‑to‑end technical strategy, architecture, and operationalization of AI‑driven data protection and compliance controls across Microsoft Purview, Defender, and M365 security services.
The Principal serves as the organization’s deep technical authority on AI data protection, shaping control strategy, influencing platform configuration decisions, and institutionalizing durable safeguards that reduce AI‑driven data risk while enabling productivity at enterprise scale.
This is a hands‑on role with architect‑level accountability: designing systems that will stand up to audit, regulatory scrutiny, and adversarial pressure as AI usage scales.
Scope of Accountability (Principal Expectations)
This role is expected to:
- Own the technical vision and control strategy for AI and Copilot data protection, not just implement features.
- Define durable, repeatable patterns for securing LLM‑enabled workflows that other teams can adopt.
- Operate with wide autonomy, minimal oversight, and direct influence across Security, Compliance, Privacy, M365, and Risk.
- Anticipate risk before incidents occur, translating emerging AI threats into preventive controls.
- Serve as escalation point and design authority for complex or ambiguous AI security decisions.
Key Responsibilities
AI & Copilot Security Architecture
- Act as hands‑on technical lead and design authority for Copilot and enterprise AI security controls across Microsoft Purview, Defender, and M365.
- Define and evolve the AI data protection reference architecture, mapping controls to AI threat models and regulatory expectations.
- Review and harden Copilot platform configurations, including:
- Web grounding and search behaviors
- Agents, plugins, and connectors
- Permission inheritance and identity context
- Transcripts, prompt history, and retention models
- Ensure controls are designed for default‑secure behavior, least privilege, and fail‑safe operation.
Control Engineering & Operations
- Design, implement, and operate AI‑related controls spanning:
- Information Protection and labeling strategy
- DLP and Endpoint DLP (including AI‑specific scenarios)
- Insider Risk Management and Communication Compliance
- Data Lifecycle Management and retention enforcement
- DSPM for AI, including exposure detection and oversharing remediation
- Configure, deploy, troubleshoot, and operate controls across AD and EntraID environments.
- Support production changes through disciplined change management and approved deployment windows.
AI Risk Detection, Monitoring & Response
- Define AI‑specific risk use cases, signals, and thresholds aligned to data exposure, misuse, and policy violation scenarios.
- Build monitoring, alerting, and automation for abnormal or high‑risk AI usage patterns.
- Develop operational runbooks that enable consistent response, investigation, and evidence preservation.
- Ensure solutions are audit‑ready, regulator‑defensible, and operationally sustainable.
Governance & Institutionalization
- Translate AI threat models into policy‑aligned, enforceable technical controls.
- Partner with governance stakeholders to support:
- AI risk assessments
- Control mapping and documentation
- Decision logs and exception handling
- Executive and stakeholder reporting
- Contribute expert guidance to Copilot readiness, Zero Trust alignment, and broader AI governance initiatives.
- Track delivery and technical debt using Azure DevOps, establishing transparency and accountability.
Copilot‑Focused Control Outcomes
- Define and enforce Copilot‑protected labels for files, groups, sites, and content sources.
- Prevent unauthorized content ingestion and unintended grounding into AI prompts.
- Expand browser and endpoint DLP protections, including:
- Copy/paste and screen capture controls
- AI prompt and response handling
- Operationalize DSPM for AI to continuously reassess exposure and remediate oversharing.
- Establish durable workflows for AI‑related insider risk and communication compliance scenarios.
Required AI Security Expertise
- Deep understanding of LLM security fundamentals and threat modeling, including:
- Data exposure risks
- Indirect and chained prompt injection
- Model‑mediated data exfiltration
- Practical mitigation strategies for:
- Prompt injection and prompt data leakage
- Over‑permissioned grounding sources
- Agent and connector misuse
- Experience securing agentic or tool‑augmented AI systems, including least‑privilege access and approval models.
- Strong grasp of AI governance concepts, including risk classification, control frameworks, and policy alignment.
- Ability to translate abstract AI risk into concrete, enforceable technical controls.
Qualifications
- Bachelor’s degree or equivalent experience in cybersecurity, engineering, or a related field.
- Extensive hands‑on experience with Microsoft Purview and Microsoft Defender (including Cloud Apps).
- Strong background in data protection, DLP technologies, and enterprise information security.
- Proven scripting and automation capability (PowerShell, Python, Power Automate).
- Experience operating within formal incident, problem, and change management processes (e.g., ServiceNow).
Preferred Experience & Certifications
- Deep familiarity with M365 services such as SharePoint Online, Teams, Exchange, and Entra ID.
- Experience integrating or operating with Sentinel, Zscaler, Symantec DLP, or comparable platforms.
Salary Range:
$137,400 - 233,600 USD
Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.
Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.
We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.
Apply today and talk to us about your flexible working requirements and together we can achieve greater.