Director Cyber Third Party Risk Management (CTPRM)

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service. We are seeking an experienced Director of Cyber Third‑Party Risk Management (CTPRM) to lead and mature the enterprise third‑party cyber risk program across North America, with a strong focus on cloud, SaaS, AI, and emerging technology risks. This role is responsible for defining strategy, governance, and execution of CTPRM activities aligned with enterprise risk appetite, regulatory expectations, and business objectives. Key Responsibilities Define and execute the CTPRM strategy and roadmap for North America, aligned with global cybersecurity and enterprise risk objectives. Own third‑party cyber risk frameworks, methodologies, service categorization, and risk reporting. Lead cyber risk assessments, oversight, and remediation for critical and high‑risk third parties. Drive continuous improvement in third‑party risk processes, automation, and tooling. Provide cyber risk leadership for cloud migration, SaaS, outsourcing, and AI‑enabled third‑party engagements. Partner with business, technology, procurement, legal, compliance, and privacy teams to embed security requirements into vendor lifecycle processes. Lead internal and external audits related to third‑party cyber risk and ensure timely remediation of findings. Develop and report KPIs and KRIs to measure program effectiveness and third‑party risk posture. Act as the senior point of contact for third‑party cyber risk with executive stakeholders and regulators as required. People Leadership Lead, mentor, and develop a high‑performing CTPRM team in North America, with global collaboration. Set goals, manage performance, and build future‑ready cyber and technology risk capabilities. Oversee a hybrid delivery model, including onshore leadership and offshore execution. Qualifications & Experience 15+ years of experience in Cyber Risk, Technology Risk, Third‑Party Risk, Cloud Risk, or related disciplines. Proven experience designing and leading enterprise‑wide risk and control frameworks . Strong knowledge of cloud security, SaaS risk, AI systems, and complex digital architectures . Solid understanding of North America regulatory and compliance expectations related to third‑party and technology risk. Excellent stakeholder management, communication, and consultative skills. Bachelor's degree or equivalent experience required. Certifications such as CISSP, CRISC, CCSK, CISM, or CISA preferred. Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. Northern Trust will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa)

Salary Range:

$137,400

• 240,400 USD Salary range is a good faith estimate of base pay.

Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component. Working with

Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater. Director

• Cyber Third Party Risk Management (CTPRM) 3.8 3.8 out of 5 stars Chicago, IL $137,400
• $240,400 a year
• Full-time Northern Trust Corp. 1,441 reviews $137,400
• $240,400 a year

•

Full-time About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service. We are seeking an experienced Director of Cyber Third‑Party Risk Management (CTPRM) to lead and mature the enterprise third‑party cyber risk program across North America, with a strong focus on cloud, SaaS, AI, and emerging technology risks. This role is responsible for defining strategy, governance, and execution of CTPRM activities aligned with enterprise risk appetite, regulatory expectations, and business objectives. Key Responsibilities Define and execute the CTPRM strategy and roadmap for North America, aligned with global cybersecurity and enterprise risk objectives. Own third‑party cyber risk frameworks, methodologies, service categorization, and risk reporting. Lead cyber risk assessments, oversight, and remediation for critical and high‑risk third parties. Drive continuous improvement in third‑party risk processes, automation, and tooling. Provide cyber risk leadership for cloud migration, SaaS, outsourcing, and AI‑enabled third‑party engagements. Partner with business, technology, procurement, legal, compliance, and privacy teams to embed security requirements into vendor lifecycle processes. Lead internal and external audits related to third‑party cyber risk and ensure timely remediation of findings. Develop and report KPIs and KRIs to measure program effectiveness and third‑party risk posture. Act as the senior point of contact for third‑party cyber risk with executive stakeholders and regulators as required. People Leadership Lead, mentor, and develop a high‑performing CTPRM team in North America, with global collaboration. Set goals, manage performance, and build future‑ready cyber and technology risk capabilities. Oversee a hybrid delivery model, including onshore leadership and offshore execution. Qualifications & Experience 15+ years of experience in Cyber Risk, Technology Risk, Third‑Party Risk, Cloud Risk, or related disciplines. Proven experience designing and leading enterprise‑wide risk and control frameworks . Strong knowledge of cloud security, SaaS risk, AI systems, and complex digital architectures . Solid understanding of North America regulatory and compliance expectations related to third‑party and technology risk. Excellent stakeholder management, communication, and consultative skills. Bachelor's degree or equivalent experience required. Certifications such as CISSP, CRISC, CCSK, CISM, or CISA preferred. Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. Northern Trust will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa)

Salary Range:

$137,400

• 240,400 USD Salary range is a good faith estimate of base pay.

Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component. Working with

Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater.