Skip to content

Security Assessment Senior Specialist

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

At Northwestern Mutual, we believe relationships are built on trust.

That our lives and our work matter. These beliefs launched our company over 160 years ago. Today, they're just a few of the reasons why people choose to build careers at Northwestern Mutual.

We're strong and growing. In a company with such a long and storied history, this may be the most exciting and important time to be a part of Northwestern Mutual. We're strong, innovative and growing.

We invest in our people. We provide opportunities for employees to grow themselves, their career and in turn, our business.

We care. We make a positive difference in our communities. Nationally, thousands have benefitted from our support of research and programs to fight childhood cancer. Each year, our Foundation, employees and financial representatives donate time, talent and financial support to causes they're passionate about.

We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

What's the role?

Northwestern Mutual is looking for Security Assessment Consultant to join the Risk Engineering Program Team to focus on supervising the Risk Engineering Program.

Responsibilities:

  • Coordinate, co-host and capture topics for the Risk Engineering events including Risk Engineer Alignment Sessions.
  • Coordinate, co-host and gather topics for additional learning sessions for the Risk Engineer community.
  • Coordinate, co-host and lead focus group discussions with select Risk Engineers across the organization.
  • Answer support questions from Risk Engineers on a rolling basis on various communication platforms
  • Gather ideas for Confluence updates and Risk Engineer Alignment Session topics.
  • Grant or remove access to the resources needed to perform the Risk Engineer Role as employees join/depart.
  • Assist with identification of replacement Risk Engineer. Transition assets to the replacement Risk Engineer.
  • Coordinate and host recurring training events for new Risk Engineers.
  • Plan and activities and incentives for Risk Engineers recognition.
  • Assist with onboarding new team members to the Risk Engineering Program including working with leadership across the company to set goals of the new Risk Engineer's role & prioritize first projects. Grant access to vital applications and tools for new Risk Engineers. Sending a welcome email that includes resources and a team breakdown and providing mentorship.
  • Stay up to date on changes and updates to help with the internal tasks and documentation
  • Defining and operating processes to document, report, and run findings, exceptions to standards, and identified risks to ensure that appropriate action plans are built and implemented to remediate gaps, deficiencies, and risks.
  • Leading, coaching, and mentoring the engineering community and other team members on aspects of the information risk management program and specific processes to ensure behaviors and outcomes that support information protection, privacy, and data security, and drive consistency, quality and efficiency of deliverables.
  • Developing action plans to support departmental and corporate strategy.

Bring your best! What this role needs:

  • Bachelor’s degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS or related field; or related work experience beyond the minimum required.
  • One or more sophisticated risk or security certifications (e.g. CISSP, CRISC, CISA, CISM, CCSP, FAIR).
  • Four or more years of experience in information systems or systems audit with a proven knowledge in technologies and processes
  • Demonstrated ability to craft and implement IT general controls
  • Ability to assess designs for risk and control gaps and recommend remediation approaches
  • Demonstrated ability to lead, coach and mentor other team members
  • Strong ability to independently identify and resolve critical and complex issues through effective problem solving skills
  • Proven ability to maintain and strengthen relationships; ability to effectively influence and negotiate with internal and external partners
  • Proven track record in handling ambiguity
  • Assessment experience - Security Assessments, Risk Assessments, Vendor Assessments, Compliance Assessments
  • Ability to recommend mitigating controls for various security gaps
  • Cloud Security experience - AWS, Azure
  • Knowledge of NIST framework
  • Experience or solid understanding with threat modeling methodologies visually representing data and process flows in an enterprise environment.

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!

W e are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.


FIND YOUR FUTURE

We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.