About Northern Trust:
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.
Technology Risk & Control Self‑Assessment
Own and support the end‑to‑end planning, prioritization, coordination, and execution of Technology Risk and Control Self‑Assessments, while ensuring alignment with enterprise technology risk policies, control standards, and risk frameworks within the defined scope.
Risk Identification and Control Design & Effectiveness Evaluation
Lead the assessment of inherent and residual technology risks and evaluate the design and operating effectiveness of key controls. Identify control gaps, execution weaknesses, and process deviations, and clearly articulate root causes, risk implications, and control maturity considerations. Ensure controls are:
Clearly defined, current, and appropriately documented
Aligned to identified technology risks and control objectives
Consistently and sustainably executed
Supported by complete, accurate, and timely evidence suitable for audit and regulatory review
Risk Assessment and Assurance Skills (Preferred)
Experience in Technology Risk Assessment and SOC / SOX IT control testing is considered an added advantage and will be leveraged to enhance the effectiveness and audit readiness of Technology RCSA activities
Applying Technology Risk Assessment techniques to strengthen risk identification, prioritization, and risk articulation within RCSAs
Leveraging understanding of threat scenarios, risk drivers, and risk appetite to enhance RCSA conclusions
Using exposure to SOC 1 / SOC 2 and SOX IT control testing to inform control scoping, documentation quality, and evidence standards
Supporting alignment between RCSA outcomes and audit or regulatory expectations
RCSA Documentation and Evidence Management
Ensure high‑quality documentation of RCSA results, including risk statements, control assessments, conclusions, and supporting artifacts, within relevant tooling. Maintain strong discipline around evidence standards, traceability, and transparency to support audit, regulatory, and governance needs.
Issue Identification, Risk Rating, and Risk Treatment Advisory
Drive the identification, documentation, and escalation of control deficiencies and risk issues arising from RCSA activities.
Senior Stakeholder Engagement and Risk Governance Participation
Engage with senior stakeholders through governance forums, working groups, and readiness initiatives related to Risk and Control Self‑Assessment.
Provide clear, concise, and risk‑focused communication on assessment outcomes, key risk themes, emerging trends, and material risk considerations.
Continuous Improvement and Control Standardization
Identify cross‑process risk themes, trends, and systemic weaknesses across RCSA assessments. Proactively recommend enhancements to control design, processes, assessment methodologies, and testing approaches.
Contribute to the evolution and standardization of Technology Risk and RCSA frameworks, supporting readiness for future assessments, audits, and regulatory examinations.
Industry Awareness and Risk Thought Leadership
Maintain awareness of emerging industry standards, regulatory expectations, and best practices related to Risk and Control Self‑Assessment. Translate relevant developments into actionable insights to drive continuous improvement.
Knowledge and Experience
10–12 years of experience in Technology Risk, Risk & Control Self-Assessment, IT Risk Assessment, or related roles.
Strong hands‑on experience leading and executing Technology Risk and Control Self Assessments (RCSA or exposure to SOC 1 / SOC 2 and/or SOX IT control testing, including IT General Controls (ITGCs) and application controls.
Solid understanding of technology risks, control design, and control effectiveness evaluation.
Strong analytical, documentation, and stakeholder communication skills.
Certifications Preferred - CISA, CISSP, or CRISC
Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.
We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.
Apply today and talk to us about your flexible working requirements and together we can achieve greater.
About Our Pune Office
The Northern Trust Pune office, established in 2016, is now home to over 3,000 employees. The office handles various functions, including Operations for Asset Servicing and Wealth Management, as well as delivering critical technology solutions that support business operations across the globe.
Our Pune team takes our commitment to service to heart. In 2024, they volunteered more than 10,000+ hours into the communities where they live and work. Learn more.