Address
Form of workAbout Northern Trust:
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.
Description:
Create and review threat models using various approaches such as off the shelf tools, whiteboarding etc.
Research and analyze security architecture for applications developed in-house as well as vendor products
Analyze / create conceptual and logical architecture designs
Work with dev teams to evaluate application architecture, analyze trade-offs, and recommend solutions and mitigating controls.
Assess risks through Threat Modeling and security reviews with teams
Advise product teams on the security implications of their designs and roadmaps
Collaborate within the SSDLC space for other team functions like SAST, DAST, SCA, and pen-testing.
Must keep up with industry trends, especially in cloud service provider services and related security threats and common misconfigurations and anti-patterns.
Must pick up the skills to influence and collaborate with a combination of technical and non-technical people to further security goals and objectives.
In addition to technical ability, an awareness of broader risk landscape and the ability to understand and improve SSDLC and related processes is desirable.
Specific knowledge/ skills:
Knowledge of security architecture patterns across major CSP's like Azure, AWS and GCP is required, along with specific awareness of TLS, key management, SAML integration, encryption and logging patterns.
Familiarity with popular Threat Modeling methodologies such as STRIDE is required.
Knowledge of security architecture and development of secure software is required.
Familiarity with exploitation patterns and mitigations are required.
Familiarity with DevSecOps pipelines, methods and practices is required.
Past experience in SAST, DAST, open source scanning and penetration testing is preferred.
Past experience in software development in a mainstream language is preferred.
Experience using ServiceNow is preferred.
Qualifications:
A College or University degree and/or relevant work experience is required
7-10 years of experience in software development and information security
Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.
We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.
Apply today and talk to us about your flexible working requirements and together we can achieve greater.
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.
Description:
Create and review threat models using various approaches such as off the shelf tools, whiteboarding etc.
Research and analyze security architecture for applications developed in-house as well as vendor products
Analyze / create conceptual and logical architecture designs
Work with dev teams to evaluate application architecture, analyze trade-offs, and recommend solutions and mitigating controls.
Assess risks through Threat Modeling and security reviews with teams
Advise product teams on the security implications of their designs and roadmaps
Collaborate within the SSDLC space for other team functions like SAST, DAST, SCA, and pen-testing.
Must keep up with industry trends, especially in cloud service provider services and related security threats and common misconfigurations and anti-patterns.
Must pick up the skills to influence and collaborate with a combination of technical and non-technical people to further security goals and objectives.
In addition to technical ability, an awareness of broader risk landscape and the ability to understand and improve SSDLC and related processes is desirable.
Specific knowledge/ skills:
Knowledge of security architecture patterns across major CSP's like Azure, AWS and GCP is required, along with specific awareness of TLS, key management, SAML integration, encryption and logging patterns.
Familiarity with popular Threat Modeling methodologies such as STRIDE is required.
Knowledge of security architecture and development of secure software is required.
Familiarity with exploitation patterns and mitigations are required.
Familiarity with DevSecOps pipelines, methods and practices is required.
Past experience in SAST, DAST, open source scanning and penetration testing is preferred.
Past experience in software development in a mainstream language is preferred.
Experience using ServiceNow is preferred.
Qualifications:
A College or University degree and/or relevant work experience is required
7-10 years of experience in software development and information security
Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.
We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.
Apply today and talk to us about your flexible working requirements and together we can achieve greater.
