Northern Trust
Principal, Cyber Security Engineering (SaaS)
Northern Trust, Chicago, Illinois, United States, 60290
Overview
Principal, Cyber Security Engineering (SaaS) role focused on leading the firm’s Software as a Service (SaaS) security program, with a primary focus on implementing and operationalizing Obsidian Security. The role shapes the security posture of Northern Trust’s SaaS ecosystem, driving threat detection, posture management, and compliance across critical business applications. Reporting to the Global Head of Attack Surface Management, this leader will operate all technology in the remit of Attack Surface Management including Vulnerability Management, Secure Configuration, Application Security and External Attack Surface management. This position leads a global team and collaborates with internal service delivery units and managed service providers to meet the needs of partners, clients and regulators in this area. Responsibilities
Own and evolve Northern Trust’s strategic SaaS security roadmap, aligning with enterprise risk appetite and regulatory expectations Lead the deployment, configuration, and tuning of Obsidian Security across prioritized SaaS platforms Define and enforce baseline security implementation guidelines for SaaS applications, including privileged access, identity governance, data protection, and logging/monitoring Stand up and manage Obsidian Security as Northern Trust’s Software as a Service Posture Management (SSPM) solution Integrate Obsidian with ServiceNow and other platforms, ensuring secure API connectivity and centralized authentication Monitor and triage threat detection alerts, reduce false positives, and drive operational efficiency through governed engagement models Collaborate with Enterprise Architecture, Cloud Center of Excellence, and IAM teams to ensure consistent security patterns and governance Develop and maintain control procedures and documentation in alignment with CTRM policies and standards Support regulatory mapping and enablement of frameworks such as CIS benchmarks within Obsidian Oversee effective KPIs / monitoring to ensure Attack Surface Management technologies are operating within defined standards and controls Partner with key technology vendors (Software and Managed Services providers) to ensure value for spend Brief senior leadership, business units and regulators on relevant threats, process improvements and readiness for change Qualifications
8+ years of experience in cybersecurity engineering, with a focus on SaaS or cloud security Proven experience implementing SSPM or CSPM tools; direct experience with Obsidian Security strongly preferred Deep understanding of security configuration, identity federation, API security, and SaaS-to-SaaS data movement Strong communication and stakeholder management skills Relevant certifications (e.g., CISSP, CCSP, AWS/Azure Security Engineer) are a plus Salary & Benefits
$137,400 - 233,600 USD Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component. Working With Us
As a Northern Trust partner, you will be part of a flexible and collaborative work culture in an organization where financial strength and stability support exploration of new ideas. Movement within the organization is encouraged, senior leaders are accessible, and the company is committed to assisting the communities we serve. Join a workplace with a greater purpose. Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and discuss your flexible working requirements.
#J-18808-Ljbffr
Principal, Cyber Security Engineering (SaaS) role focused on leading the firm’s Software as a Service (SaaS) security program, with a primary focus on implementing and operationalizing Obsidian Security. The role shapes the security posture of Northern Trust’s SaaS ecosystem, driving threat detection, posture management, and compliance across critical business applications. Reporting to the Global Head of Attack Surface Management, this leader will operate all technology in the remit of Attack Surface Management including Vulnerability Management, Secure Configuration, Application Security and External Attack Surface management. This position leads a global team and collaborates with internal service delivery units and managed service providers to meet the needs of partners, clients and regulators in this area. Responsibilities
Own and evolve Northern Trust’s strategic SaaS security roadmap, aligning with enterprise risk appetite and regulatory expectations Lead the deployment, configuration, and tuning of Obsidian Security across prioritized SaaS platforms Define and enforce baseline security implementation guidelines for SaaS applications, including privileged access, identity governance, data protection, and logging/monitoring Stand up and manage Obsidian Security as Northern Trust’s Software as a Service Posture Management (SSPM) solution Integrate Obsidian with ServiceNow and other platforms, ensuring secure API connectivity and centralized authentication Monitor and triage threat detection alerts, reduce false positives, and drive operational efficiency through governed engagement models Collaborate with Enterprise Architecture, Cloud Center of Excellence, and IAM teams to ensure consistent security patterns and governance Develop and maintain control procedures and documentation in alignment with CTRM policies and standards Support regulatory mapping and enablement of frameworks such as CIS benchmarks within Obsidian Oversee effective KPIs / monitoring to ensure Attack Surface Management technologies are operating within defined standards and controls Partner with key technology vendors (Software and Managed Services providers) to ensure value for spend Brief senior leadership, business units and regulators on relevant threats, process improvements and readiness for change Qualifications
8+ years of experience in cybersecurity engineering, with a focus on SaaS or cloud security Proven experience implementing SSPM or CSPM tools; direct experience with Obsidian Security strongly preferred Deep understanding of security configuration, identity federation, API security, and SaaS-to-SaaS data movement Strong communication and stakeholder management skills Relevant certifications (e.g., CISSP, CCSP, AWS/Azure Security Engineer) are a plus Salary & Benefits
$137,400 - 233,600 USD Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component. Working With Us
As a Northern Trust partner, you will be part of a flexible and collaborative work culture in an organization where financial strength and stability support exploration of new ideas. Movement within the organization is encouraged, senior leaders are accessible, and the company is committed to assisting the communities we serve. Join a workplace with a greater purpose. Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and discuss your flexible working requirements.
#J-18808-Ljbffr