Sr Director Information Risk Management

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

Do you want to drive a cyber transformation across a Fortune 90 FinTech? Does working across an organization to rally around secure products and services excite you?

At NM, our clients come first, and the Information Risk Management (IRM) team is at the heart of that promise and built into the DNA of our products and services. We’re back-end experts: protecting your privacy and ensuring your security. There’s no such thing as a “safe system” – only safer systems. Our IRM team focuses on setting the focus, direction and impact of the enterprise with regard to an exciting mix of work to be accomplished across multiple security domains, all with the goal of highlighting and driving down risk. We’re looking for a strategic leader to deliver on a vision to protect our clients and maintain their trust through world-class and innovative cybersecurity and risk management services.

What's the role?

The Senior Director of Information Risk Management provides leadership and direction for the diverse and complex Information Risk Management (IRM) function and is accountable for IRM vision, strategies and operations 1) within IRM as a division of Enterprise Information Risk and Cybersecurity; 2) in coordinating services needed by IRM as a business client to other Enterprise Information Risk and Cybersecurity areas; 3) in collaborating with other NM business areas and the field to ensure effective information risk management across the enterprise; and 4) in collaborating with other risk practices across the enterprise to support practices and create a holistic view of operational Information Technology risk.

We need a leader to manage and deploy IRM resources to serve diverse functional areas who is capable of negotiating with enterprise leaders to set priorities and accomplish cross-functional and complex objectives. We’re seeking someone who is practical and exercises good judgment to achieve an optimal balance between information risks and business impacts and needs, while demonstrating organizational agility and political savvy, a deep understanding of risk appetites/tolerances and an ability to influence positive change across the enterprise to drive risk-informed business decisions. We also need a leader who embraces diversity and encourages each person on the team to bring their whole self to work.

Do you enjoy shaping programs and providing advice, perspective and consultation to senior leaders across an organization? We need a leader to lead a talented team of information security professionals who is accountable for the performance and results of related disciplines including integrated risk management and managing the enterprise GRC. We need you to bring strategic thought leadership to the team and convince others of the importance of the work that the IRM and other teams in EIRC are doing to protect our clients.

Are you adept at forming positive relationships and navigating across a large organization? We need you to continually maintain these strong relationships with other operational risk practices and business units to lead and help shape the strategy, development and implementation of world-class risk management practices across the enterprise. Our desired leader will be capable of anticipating complex risk-based business issues that will impact the organization, evaluating and prioritizing risk in new and existing systems from both a business and a technology perspective, and recommending solutions that balance effectiveness and appropriateness of risk controls with business impact and needs.

You will need to effectively influence enterprise buy-in to address critical risk areas and lead the integrated risk assessment reviews. Being able to simplify and frame complex issues, and effectively communicate to all different stakeholders are two of the most important capabilities that are needed in this role. If successful, you will be recognized across NM as an industry expert in risk management with a strong bias for action to continually improve the IRM program and drive positive outcomes. You will apply these best practices in the approval of all information risk management designs, plans, controls, processes, standards, policies and procedures. You’ll also manage all governance operations of the enterprise Information Security program and chair the Information Protection Governance team that provides corporate oversight of Information Technology risk management.

Bring your best! What this role needs:

  • Bachelor's Degree in Computer Science, Information Systems, or other related field.

  • Minimum of 10 years of IT and business/industry experience, with at least 5 years of leadership experience in managing multiple, large, cross-functional teams or projects, and influencing senior-level management and key stakeholders.

  • Proven ability to define and deliver strategies and strategic initiatives.

  • Knowledge of government / industry regulatory issues which impact various Northwestern Mutual related entities.

  • Proven ability to negotiate and influence all areas of the company without direct authority.

  • Strong leadership skills.

  • Broad knowledge of past, current and emerging information risk and security trends.

  • Prior experience managing teams and projects with success balancing risk, service level agreements and cost.

  • Ability to develop and manage relationships with internal and external department leadership and business associates.

  • Must be able to create and lead cross functional teams.

  • Organizational agility, political savvy and ability to build a strong, broad network of leaders in IS and across NM.

  • Ability to strategically address business issues.

  • Ability to deal with ambiguity or uncertainty in developing information risk strategy.

  • Strong organizational management and communication skills.

  • Knowledge of information and technology risk.


  • CISSP, CRISC, or similar certifications.

  • Experience with managing enterprise GRC platforms and engineering teams (specifically ServiceNow IRM platform).

Beyond base salary, NM offers the following benefits: pension, 401k, comprehensive medical, dental, and vision, FREE lunch, annual bonus opportunity, and much more!


This job is not covered by the existing Collective Bargaining Agreement.

Grow your career with a best-in-class company that puts our clients’ interests at the center of all we do. Get started now!

We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.


We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.