Description

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.

We are seeking a Senior IT Controls Analyst to be part of the Global Financial Controls IT pillar, which covers SOX, SOC 1 and SOC 2 controls across a complex, regulated financial services organization.

This role combines end-to-end Service Organization Control (SOC) governance responsibilities with hands-on IT and control testing, including ITGCs, key reports, and automated controls. The position plays a critical role in ensuring SOC reports are accurate, complete, and audit-defensible, while strengthening control design, evidence quality, and operating effectiveness.

The role partners closely with Technology, Risk, Operations, Audit Services, and external auditors to bridge control ownership, testing execution, and reporting outcomes.

Key Responsibilities

• Support the governance and execution of SOC 1 and SOC 2 reports, including scope definition, control mapping, and reporting timelines.
• Maintain SOC control inventories, risk-control mappings, and supporting documentation.
• Ensure SOC descriptions, assertions, and control language are accurate, consistent, and aligned to actual operating practices.
• Evaluate changes in systems, processes, or products for potential SOX and SOC impact.
• Perform independent testing of IT General Controls (ITGCs), including, Access management (provisioning, deprovisioning, recertifications), Change management (SDLC, migrations, approvals), Computer operations (job monitoring, incident management, backups), etc.
• Execute testing of business process controls and IT application controls (ITACs) within the SOC control framework.
• Assess design and operating effectiveness, including, Sampling, evidence inspection, and re-performance where applicable and Validation of key reports and system-generated data used in control execution.
• Identify control exceptions, articulate root causes, and assess impact to SOC & SOX objectives.
• Act as a key liaison with external auditors (e.g., KPMG) for planning, walkthroughs, and testing activities.
• Coordinate walkthroughs and testing across stakeholders and control owners.
• Review auditor testing approaches, requests, and results to ensure clear alignment with control intent and accurate population scoping and completeness.
• Challenge and validate auditor observations where needed to ensure defensible conclusions.
• Track SOC-related issues, testing exceptions, and management actions through remediation.
• Evaluate the impact of audit findings, technology risk issues, and control failures on SOC reports.
• Support development of clear, audit-ready management responses.
• Validate remediation effectiveness and closure of control deficiencies.
• Work closely with Technology, Information Security, Operations, and Risk teams to obtain and validate control evidence and clarify control responsibilities and execution expectations.
• Provide training and guidance to control owners on control design, evidence requirements, and audit readiness.
• Prepare clear, concise reporting for senior management and governance forums.
• Identify opportunities to improve control design, testing efficiency, and evidence quality.
• Standardize testing approaches across SOC, SOX, and internal audit frameworks.
• Stay current on SOC standards, AICPA guidance, and leading practices in IT control testing.

Required Qualifications

• 5+ years of experience in SOC/SOX reporting, IT audit, IT risk, or control testing roles.
• Strong knowledge of:
  • SOC 1 and SOC 2 frameworks.
  • IT General Controls (ITGCs) and IT Application Controls (ITACs).
  • Control design and operating effectiveness testing.
• Demonstrated experience performing or overseeing control testing procedures.
• Experience working with external auditors in a SOC or IT audit environment.
• Ability to assess and articulate control deficiencies and SOC impact in a clear, defensible manner.
• Strong written and verbal communication skills.

Preferred Qualifications

• Experience in financial services or another highly regulated industry
• Prior Big 4 audit or advisory experience (SOC/SOX/ IT audit preferred)
• Familiarity with related frameworks (SOX, COSO, NIST)
• Experience with automated controls, data interfaces, and reconciliation platforms
• Professional certifications (preferred): CPA, CISA, CISSP

Working Model: Hybrid (
We have a balanced hybrid working model to ensure you get the flexibility you need, and the successful candidate will spend their time between working in the office and working from home.

Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. Northern Trust will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa)

Salary Range:
$66,700 - 113,300 USD

Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com .

We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.