Define and lead the global strategy for vulnerability management and security configuration across: Infrastructure (on-prem & cloud), endpoints, and platform environments
Transition capabilities from pre-AI to AI-enabled , including: Risk-based prioritization
Automation-led remediation
Threat-informed decisioning
Align to CTEM principles and enterprise risk objectives
Program Execution
Operate and scale a global vulnerability management program , including: Discovery, prioritization, remediation, and governance
Security configuration and continuous compliance
Implement risk-based models incorporating: Threat intelligence and exploitability
Asset criticality and external exposure
Enforce enterprise-wide policy and remediation standards
Engineering & Modernization
Lead automation-first, API-driven capabilities across vulnerability lifecycle
Integrate with enterprise platforms: Asset inventory, CI/CD, and change management systems
Embed shift-left and continuous control practices across infrastructure lifecycles
Security Configuration
Define and enforce enterprise hardening baselines
Implement continuous monitoring and drift detection
Ensure alignment with regulatory and industry standards
Leadership & Governance
Lead a lean, high-performing team (~4 FTE, ~10 contractors)
Foster a hands-on, engineering-led culture
Deliver clear executive reporting on risk, exposure, and remediation performance
Drive governance including exception management and SLA enforcement
Requirements
12+ years in cybersecurity with deep experience in vulnerability management and security engineering
Proven success building and scaling enterprise programs
Track record leading large-scale transformation initiatives
Why This Role Matters
This role is central to advancing Northern Trust's ability to proactively manage cyber risk in an AI-driven landscape , shifting from reactive vulnerability management to a scalable, intelligence-led capability .
Salary Range:
$164,600 - 288,000 USD
Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable ac
Benefits
Health insuranceDental insuranceVision insurance401(k)Flexible scheduleEquity / stock optionsPerformance bonusParental leave
Additional Information
About Northern Trust:
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.
Northern Trust is seeking a Global Director of Vulnerability Management & Security Configuration to define and execute the enterprise strategy for reducing technology risk across infrastructure, cloud, and AI-driven environments.
This leader will drive the evolution from traditional vulnerability management to a modern, AI-enabled, risk-based capability , leveraging automation, contextual prioritization, and advanced analytics to reduce attack surface at scale.
This is a hands-on, engineering-led leadership role requiring strong presence at both the executive and deep technical levels .
Ntrs · Chicago, IL