Sr. Lead, IT Risk and Controls - KRI Development, Metrics & AutomationMajor Duties:1. KRI strategy and development: Lead the design, refinement, and implementation of Key Risk Indicators (KRIs) that provide meaningful insight into technology risk, control health, emerging trends, and management action priorities. Partner with risk, control, technology, and business stakeholders to define KRI methodology, thresholds, escalation criteria, and reporting standards.
2. Metrics, analytics, and executive reporting: Develop and maintain risk metrics, dashboards, and recurring reporting that enable senior management to monitor risk exposure, control performance, issue trends, and remediation effectiveness. Translate complex data into clear insights, themes, and actionable recommendations.
3. Automation and process improvement: Identify opportunities to automate manual reporting, data aggregation, KRI refreshes, workflow handoffs, and control-monitoring activities using tools such as Power BI, Power Automate, SQL, Python, SharePoint, or similar platforms. Build or guide sustainable automation solutions that improve accuracy, timeliness, scalability, and repeatability.
4. Data governance and quality: Establish and maintain data definitions, lineage, documentation, and quality checks supporting KRIs and risk reporting. Work with data owners and stakeholders to improve completeness, accuracy, consistency, and usability of risk and control data.
5. Stakeholder engagement and leadership: Serve as a senior subject matter resource for KRI development, risk analytics, and automation-enabled reporting. Facilitate discussions with cross-functional teams, influence alignment on metrics and thresholds, and provide guidance to less experienced team members.
6. Industry awareness and innovation: Stay current with technology risk management practices, control frameworks, analytics techniques, and automation capabilities. Recommend enhancements that strengthen risk monitoring, improve decision-making, and reduce manual effort across the function.
Requirements: - Bachelor's or Master's degree in a relevant field such as Information Systems, Data Analytics, Data Science, Business Analytics, Risk Management, Statistics, or a related discipline.
- 7+ years of experience in technology risk, risk analytics, metrics development, controls, data analysis, or a related field, with demonstrated ability to operate at a senior lead level.
- Experience designing, implementing, and maintaining KRIs, KPIs, dashboards, thresholds, and risk reporting for technology risk, controls, issue management, or governance functions.
- Proficiency with data analysis and reporting tools such as SQL, Power BI, Excel, and Python; experience with automation tools such as Power Automate, SharePoint workflows, or similar platforms is strongly preferred.
- Familiarity with technology risk and control frameworks such as NIST, COBIT, ITIL, ISO 27001, or similar frameworks, and the ability to connect control objectives to measurable risk indicators.
- Strong analytical, problem-solving, and critical-thinking skills, with the ability to identify trends, challenge assumptions, and convert data into actionable risk insights.
- Excellent communication and presentation skills, with the ability to influence stakeholders, explain complex risk concepts, and prepare senior-management-ready reporting.
- Highly organized and detail-oriented, with the ability to manage multiple priorities, lead initiatives independently, and drive continuous improvement across risk reporting and automation processes.
Salary Range:
$95,600 - 162,400 USD
Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.