Sr. Associate, Cyber Sec Eng

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

We are looking for an experienced Senior Cyber Security Associate with deep expertise in Static Application Security Testing (SAST) and Software Composition Analysis (SCA) to strengthen our application security posture.

Principal Responsibilities/Requirements:

Key Responsibilities:

SAST & SCA Program:

• Support the implementation, configuration, and tuning of SAST and SCA tools across SDLC.
• Work on refining/enhancing rulesets, policies, and onboarding frameworks for development teams.
• Support Integration of SAST and SCA into CI/CD pipelines, ensuring minimal disruption to development workflows.

Governance & Risk-Based Management:

• Support governance frameworks, SLAs, and remediation workflows for identified vulnerabilities.
• Collaborate with developers, architects, and product teams to triage and remediate findings.
• Ensure vulnerabilities are managed in accordance with enterprise risk appetite and compliance mandates.
• Supporting DAST/PT team when necessity

Stakeholder Engagement & Enablement:

• Serve as the SME for SAST and SCA tools, processes, and best practices.
• Provide ongoing training, workshops, and consultation to engineering teams.
• Advocate for secure coding practices and promote DevSecOps maturity.

Metrics & Continuous Improvement:

• Develop KPIs, dashboards, and reports to track scan coverage, vulnerability trends, and remediation effectiveness.
• Continuously assess tool efficacy and process gaps to optimize security testing practices.
• Stay current on security trends, vulnerabilities, and industry standards (e.g., OWASP, NIST, ISO).

Required Qualifications:

• 5+ years of relevant working experience
• Any infosec certifications or related (desired, not a compulsion)
• Good knowledge of secure coding practices, software development lifecycle, and DevSecOps.
• Automation skills (desired, not a compulsion) Skill / Experience
• Strong analytical and problem-solving skills
• Experience with report visualization (Excel, ServiceNow, PowerPoint, Power BI, etc.)
• Ability to work autonomously, under pressure, and to prioritize tasks

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.

We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.