Cyber Risk Governance Specialist @ING Hubs Romania

Discover ING Hubs Romania

ING Hubs Romania offers 130 services in software development, data management, non-financial risk & compliance, audit, and retail operations to 24 ING units worldwide, with the help of over 2000 high-performing engineers, risk, and operations professionals.

We started out in 2015 as ING’s software development hub, then steadily expanded our range to include more services and competencies. Now we provide borderless services with bank-wide capabilities and operate from two locations: Bucharest and Cluj-Napoca. 

Our tech capabilities remain the core of our business, with more than 1800 colleagues active in Data and Analytics Tech, Tech Foundation and Channels, Retail Core Banking and Architecture, and Global Products and Technology Services. 

We enjoy a flexible way of working and a highly collaborative environment, where fair and constructive feedback is encouraged.  

For us, impact isn't a perk. It's the driver of our work. We are guided and rewarded by a shared desire to make the world a better place, one innovative solution at a time. Our colleagues make it their job to do impactful things and they love doing it in good company. Do you?  

The Mission

As part of the IT Security & Risk 1st LoD team and central WB CISO collaboration structure, your focus will be on providing IT security governance and  IT risk expertise across multiple domains, ensuring alignment with the organization’s security requirements and risk appetite.

Your day to day

• Contribute to the development, improvement and alignment of IT Security and IT Risk processes in accordance with corporate standards;
• Review security requirements for applications, perform gap analysis and recommend remediation measures;
• Initiate, facilitate and support Business Impact Assessments (BIA) and IT Risk Assessment exercises;
• Monitor, track, and report security and risk-related KPIs and KRIs;
• Ensure strong collaboration with central IT Security teams, DevOps squads, and application stakeholders to maintain continuous compliance;
• Provide training and awareness on IT security and IT risk topics to support adoption of updated processes or requirements;
• Offer expert guidance on IT risk management activities and contribute to cross-functional projects within WB CISO;
• Evaluate IT controls for proper design and operational effectiveness;
• Act and advise on IT-related issues, including audit points and compliance observations;
• Serve as liaison between 1st Line, 2nd Line, and 3rd Line of Defense.

What you’ll bring to the team

• 3–5 years of experience in IT audit, IT risk, IT security, IT compliance, or related roles;
• Solid understanding of ISO/IEC 27000, NIST, COBIT, CIS, and similar frameworks;
• Good technical understanding of operating systems, databases, virtualization, cloud, and SDLC;
• Relevant certifications (CISA, CRISC, CISM, CISSP, CEH, ISO27001) are a plus ;
• Excellent written and verbal English skills.

If you want to deep dive into the processing of personal data conducted by ING Hubs Romania during the recruitment process and your rights related to it, read the privacy notices on ourwebsite (make sure to scroll until you reach the Data Protection section/ Candidates tab).