IT & Cyber Risk Specialist

ING is looking for a IT & Cyber Risk Specialist

ING is a bank that is known for its IT innovations and has a primarily focus on IT Risk & Security. ING CISO Tech NL is looking for a passionate and inspiring Non-Financial Risk specialist, who will support the CISO department and the IT organization in the role of IT & Cyber Risk Specialist. You will enable IT senior management to work on IT Risk & Security activities ensuring the ING Market Leader applications and processes for Tech NL are and remain safe and compliant.

In the function of IT & Cyber Risk Specialist your main focus will be

to help the engineering squads and Tech NL IT Leadership within Market Leaders NL, to improve their way of working with in the IT & Cyber risk area and make a positive impact on their daily work.

You will fulfil this goal by:

• Developing and overseeing the implementation of IT-risk and security policies, procedures, and controls within Tech NL IT domains
• Providing guidance and support on IT-risk and security best practices
• Assisting and advising on IT-risk and security compliance (ITRMP controls, CAS findings, MIAs, vulnerabilities, and other issues).
• Supporting improvement initiatives for various risk areas like Risk automation projects, Automated risk reporting, Tool implementation, etc.
• Implementing various channels for knowledge sharing for IT-risk & security topics
• Supporting with drafting required MIAs / risk acceptance and remediation of IT-risk & control issues and security incidents
• Facilitating IT-risk and security awareness training programs
• Monitoring and reporting on status and progress of IT-risk and security compliance state, issue mitigations, audit findings and other relevant KRI’s/KPI’s
• Keeping track and communicating all changes and updates on risk policies to relevant stakeholders.
• Supporting the engineering squads in maintaining the risk scores on the target levels, where possible reduce and/ or mitigate the various risks
• Cooperate with first- and second-line risk management including coaching of the first line testing team in Bratislava
• Build strong relationship with internal and external stakeholders.

Your working Environment:

In the CISO Tech NL department, we take responsibility for IT Risk & Security focusing on creating a Safe & Compliant bank.

As IT & Cyber Risk Specialist you will liaise with all levels of defence in ING’s risk model ranging from engineers, management and CISO in the first line, Information Risk Officers and policy makers in the 2nd line to auditors in the 3rd line. You will maintain this relations to build a safe, secure and compliant bank with a detailed focus on IT Risk & Security. ING works in multi-disciplinary teams based on Scrum, Agile and DevOps principles. Responsibility for Infra and Security is adapted within the squads, business & IT have joined, making a squad end-to-end responsible for a customer journey or product. This is also called the ING adaptation of the ‘Spotify’ model. For more about our way of working please visit: https://www.youtube.com/watch?v=D3iu2kfZ3w4

The type of person we are looking for:

• Inspiring, full of energy and passionate
• Focused on working together, facilitating others within CISO and its stakeholders to be successful
• You don’t take things as granted and you are willing to challenge the status quo
• You have experience and knowledge of IT Risk & Security and its related processes
• You are strong at stakeholder management
• You drive for results and you think in possibilities
• You are constantly looking for improvements
• You are a self-starter and eager to learn and continuous develop yourself in the various Risk areas

The skillset you need to have:

• A University/ Postgraduate (Masters) degree in computer science or comparable education
• Certification like CISSP, CISM, CRISC or CISA are a pre
• IT & Security risk management expertise
• Strong project and stakeholders management skills 
• Experience with data analytics and visualization tools, such as Power BI is a pre
• People management skills and coaching skills
• Strong analytical skills and critical thinking
• Strong communicational skills
• Strong consulting, negotiating, and presenting skills
• Speaking and writing the English language is a must have.  

ING sets high standards for a high-performing culture, but also for our values according we are working to. These values are defined in the “orange code”. Check out more on: https://www.ing.jobs/Global/Careers/Orange-code.htm

What we offer:

• Professional working environment
• 40 hour working week
• An above market average salary depending on experience and expertise
• Entrance to (international) IT events, seminars, courses etc.
• The working location is Amsterdam.