Infrastructure Vulnerability Management Governance – Lead
Northern Trust
About Northern Trust
As a global leader in innovative wealth management, asset servicing, asset management and banking services, Northern Trust (Nasdaq: NTRS) is proud to guide the world’s most successful individuals, families, corporations and institutions.
Since 1889, we have aligned our efforts with our three guiding Principles That Endure: Service, Expertise, and Integrity. Together, they reflect the three cornerstones of business conduct which we strive to instill in our employees, whom we call partners, and to provide to our clients and the communities we serve worldwide.
With more than 135 years of financial experience and over 24,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.
Location
Pune
About Role
The Infrastructure Vulnerability Management Governance and Oversight Support – Lead is a key position within the Global Infrastructure Risk and Control team. The role focuses on providing governance, risk oversight, and remediation support across Infrastructure Vulnerability Management domains. This position partners closely with Vulnerability Operations, Infrastructure Platform teams, Application teams, Technology owners, and Risk partners to ensure effective vulnerability remediation governance, control effectiveness, timely closure of identified risks, and strong audit and regulatory readiness. The role provides risk-minded guidance, supports escalation management, and enables consistent, executive-ready reporting of the organization's vulnerability risk posture.
Major Duties
- Support the Principal in managing Vulnerability Management governance activities across regions, including oversight of remediation plans, risk exceptions, SLA breaches, escalations, and closure tracking.
- Support the Principal in strengthening Vulnerability Management processes and improving control sustainability across Infrastructure and Platform teams.
- Drive weekly and monthly vulnerability risk and remediation reporting, including current state, aging, due and overdue vulnerabilities, SLA adherence, exception status, and executive escalations.
Don't want to miss the next one?
Subscribe to daily email alerts for roles matching your interests.