The Sr Principal Solutions Consultant – Cyber Resiliency sits at the intersection of Cyber Security, Infrastructure & Cloud Engineering, and Resiliency Engineering. The role leads the design, engineering, and validation of enterprise cyber resilience capabilities across the firm's global technology estate — developing severe-but-plausible cyber scenarios, integrated end-to-end recovery playbooks, and enterprise-wide recovery validation strategies. Partnering closely with Cyber Security, Infrastructure Engineering, Application & Data Engineering, and the Global Command Center, this position ensures Tier-0 and mission-critical services can recover from destructive cyber events while meeting global regulatory expectations for operational resilience.
Enterprise Cyber Resilience Architecture
- Define and lead enterprise cyber resilience architecture patterns across on-prem, private cloud, public cloud (AWS, Azure), and critical SaaS providers
- Design capabilities including:
- Isolated Recovery Environments (IRE) / Clean Room Recovery
- Cyber vault and immutable backup architectures
- Point-in-Time Recovery (PiTR) strategies
- Identity and access recovery mechanisms
- Ensure resilience is embedded into Tier-0 architecture and design standards
Cyber Scenario Engineering
- Develop severe-but-plausible cyber-attack scenarios aligned to real-world threats: ransomware, identity compromise, data corruption, cloud control plane compromise, and supply chain attacks
- Translate scenarios into end-to-end recovery execution models across infrastructure, applications, and data layers
Integrated Recovery Playbooks
- Lead development of cyber recovery playbooks orchestrating response across Cyber Security, Infrastructure, Application teams, Business Continuity, and Global Command Center
- Define recovery sequencing, escalation paths, clean data validation, and operational command structures
- Ensure playbooks are actionable, tested, and executable under crisis conditions
Cyber Tabletop Exercises & Validation
- Design and facilitate enterprise cyber recovery tabletop exercises and simulations
- Validate end-to-end recovery execution, cross-team coordination, RTO achievement, and data integrity
- Capture lessons learned and drive continuous improvement
Gap Identification & Resilience Uplift
- Identify systemic gaps and failure points across cyber recovery capabilities
- Manage a cyber resilience gap remediation backlog
- Partner with engineering teams to implement architectural improvements, enhance recovery automation, and strengthen identity and infrastructure resilience
- Track and report resilience maturity improvements
Tier-0 & Third-Party Alignment
- Ensure Tier-0 and critical business services have defined recovery strategies, validated playbooks, and mapped dependencies
- Assess and validate cyber recovery capabilities of critical third-party vendors and SaaS providers; integrate into enterprise recovery strategies
Architecture Governance & RIG Alignment
- Participate in Architecture Review Boards (ARBs) to enforce cyber resilience standards
- Contribute to Resiliency Implementation Guidelines (RIGs) and enterprise patterns
- Ensure new solutions meet enterprise cyber recovery requirements
REQUIRED QUALIFICATIONS & TECHNICAL EXPERTISE
Experience
- 12+ years across infrastructure architecture, cloud engineering, cyber security engineering, and resiliency / disaster recovery engineering
- Large-scale enterprise or financial services environments
- Proven track record designing cyber recovery or disaster recovery architectures
Infrastructure & Platforms
- Data center architecture: compute, storage, virtualization
- Backup and recovery platforms
Cloud
- AWS and/or Azure — hybrid cloud architectures
Security
- Cyber incident response
- Identity and access management
- Threat and attack vectors
Data Protection & Resilience
- Backup / restore, immutable storage, point-in-time recovery
- DR architectures, cyber vault / clean room recovery
- Dependency mapping and failure analysis
Architecture & Leadership Skills
- Ability to design enterprise-scale recovery architectures
- Strong systems thinking and dependency mapping
- Experience developing technical playbooks and recovery procedures
- Ability to lead cross-functional technical initiatives
Preferred Qualifications
- GSIB or highly regulated financial institution experience
- Experience designing Isolated Recovery Environments (IRE)
- Experience running enterprise cyber tabletop exercises
- Familiarity with operational resilience regulatory frameworks
Cyber resilience architecture
Scenario engineering & testing
Enterprise recovery orchestration
Cross-domain technical leadership
Crisis response coordination
Continuous improvement & gap remediation
This role ensures the firm can withstand and rapidly recover from destructive cyber events — protecting critical business services, safeguarding client data, and meeting global regulatory expectations for operational resilience. Through cyber scenario engineering, recovery playbook leadership, and cross-domain collaboration, the Sr Principal Solutions Consultant – Cyber Resiliency establishes and continuously strengthens the firm's cyber recovery posture.
Salary Range:
$164,600 - 288,000 USD
Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.