Principal, Infra Cloud

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.

Summary

Northern Trust is seeking a Principal Engineer to lead the design and automation of secure, compliant, and scalable cloud infrastructure across Azure and AWS. You will drive our infrastructure-as-code (IaC) strategy, establish policy-as-code guardrails, and build repeatable provisioning patterns that meet the rigor of financial regulatory requirements (e.g., SOX, PCI DSS, SOC 2, GLBA/FFIEC, ISO 27001, NIST 800-53). As a senior technical leader, you'll partner closely with Security, Compliance, Audit, Architecture, and Platform Engineering to deliver resilient landing zones, golden paths, and CI/CD pipelines that enable product teams to ship quickly without compromising governance or risk controls. Are you ready to take the next step in your career with this exciting opportunity?

Responsibilities:

• Principal lead for infrastructure-as-code (IaC) automation (e.g., Terraform) to guide reference architecture via IaC to provide acceleration to application development teams programmatically.
• Expert in modern software DevOps and CI/CD tooling, such as GitHub, GitHub Actions, ADO, Jenkins, etc., to provision infrastructure resources and prevent configuration drift.
• Acts as senior technical advisor to engineering and application teams to help enable adoption of cloud best practices across enterprise by focusing on broader strategic priorities for leadership.
• Evaluates new technology options for cloud automation, vendor products to make recommendations to leadership to integrate into environments.
• Collaborate with product, architecture, and other stakeholders to ensure cloud technologies are designed in accordance with product roadmaps and well architected frameworks.
• Develop, implement, and enforce Policy-as-Code (PaC) for cloud environments (Azure, AWS) to configure, detect, remediate, and enforce security standards.
• Support remediation of security vulnerabilities using cloud posture management and ITSM tooling in accordance with service level agreements (SLA)
• Manage, configure, enhance, and operate cloud security posture management platforms (e.g., Wiz, Prisma Cloud, etc.) for pre-deployment scanning of IaC code to protect infrastructure.

Minimum Qualifications

• Bachelor's degree in computer science, engineering, or related technical fields
• 12+ years in infrastructure/platform engineering
• 7+ years in Azure and AWS at enterprise scale
• Expert in Terraform (modules, workspaces, state management, private registries)
• Excellent communication; able to produce clear design docs, control narratives, and audit evidence.

Preferred Qualifications

• Ability to manage infrastructure environments, configurations, and IaC scripts to support application pattern and workflows via self-service automation (e.g., Backstage.io).
• Support all phases of the cloud resource lifecycle management and develop new IaC automation capabilities when new cloud service products are created and business need.
• Strong understanding of the design, implementation and maintenance of network infrastructure in multi-region and multi-cloud environments
• Proficiency in scripting languages: Python, Perl, Ruby, PowerShell, YAML, KQL, other
• Proficiency in waterfall and Agile, Scrum, Kanban, SAFe, etc. delivery methodologies
• Knowledge and experience in testing automation harnesses and frameworks
• Understanding and ability to ensure operational stability and enforcement of security controls via Policy-as-Code and IaC automation.
• Independently managing workload, coordinating priorities with technical leads, and completing deliverables per the processes and standards
• Ability to work independently and manage multiple tasks and projects and maintain day-to-day management and administration of projects in an Agile environment
• Deep understanding of cloud networking (VPC/VNet, routing, DNS, private link/endpoints, transit, firewalls), identity (Azure AD/Entra ID, IAM, roles, SCPs), and Kubernetes (EKS/AKS).
• Proven experience translating financial regulatory frameworks (SOX, PCI DSS, SOC 2, GLBA/FFIEC, ISO 27001, NIST 800-53) into technical controls and automation.
• Strong with CI/CD for IaC (GitHub Actions, Azure DevOps, CodePipeline), including change management, approvals, artifact promotion, and segregation of duties.
• Hands-on with security tooling (Defender for Cloud, Security Hub, GuardDuty, Sentinel), policy engines (Azure Policy, SCPs, OPA/Sentinel), and compliance-as-code patterns.
• Programming proficiency in Python and/or Go for tooling, CLIs, and automation.

Salary Range:
$137,400 - 233,600 USD

Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at .

We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.