Job Title

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.Responsibilities:Enterprise Framework & GovernanceEvolve the enterprise AI and Cloud Risk & Control Framework, partnering with AI Architecture, Model Risk, Cyber, Data, Privacy, Resilience, and Third‑Party Risk teams to ensure consistency and regulatory defensibility.Define enterprise‑wide risk taxonomy and tiering, aligned to use‑case criticality, autonomy, data sensitivity, customer impact, and systemic exposure.Establish clear risk‑to‑control linkages to support consistent decisions and audit‑ready governance.Define minimum control expectations for AI and Cloud services and act as the authoritative interpreter of AI and Cloud risk standards.AI & Cloud Risk AssessmentCollaborate on the enterprise AI and Cloud risk assessment methodology, ensuring it is risk‑based, proportionate, repeatable, and auditable.Partner with AI Architecture and Model Risk to assess inherent and residual risks, including model behavior, bias, explainability, data risk, security, resilience, and autonomy.Embed risk assessment across the AI lifecycle and cloud onboarding and architecture decisions, ensuring outcomes inform risk acceptance and executive reporting.Control Design & EffectivenessSet expectations for AI and Cloud control design, ensuring controls are embedded by design and aligned to preventive, detective, and corrective principles.Define standards for human oversight, monitoring, logging, explainability, and evidence.Partner with Risk and Assurance teams to assess control effectiveness and drive remediation of systemic gaps.Regulatory Alignment & AdvisoryEnsure alignment with internal standards, model risk governance, and emerging AI regulatory expectations.Translate regulatory requirements into practical, implementable controls for first‑line teams.Act as a trusted risk advisor and challenger to senior Technology, Cloud, Architecture, and AI leaders, owning final risk recommendations for high‑impact initiatives.Enablement & MaturityDevelop playbooks and guidance to scale consistent AI and Cloud risk practices.Coach risk and technology partners to improve enterprise risk fluency.Advance AI governance maturity, including automation and integration with modern engineering practices.Experience & Background15+ years of experience in Technology Risk, Cyber Risk, Model Risk, Cloud Risk, or related disciplines, with demonstrable enterprise‑level accountability.Proven track record of designing and owning enterprise‑wide risk and control frameworks.Deep exposure to AI systems, cloud platforms, and complex digital architectures within regulated environments.Professional certifications such as CISSP, CCSK, CRISC, or equivalent (preferred, not mandatory).