Information Risk Specialist @ING Hubs Romania

The Mission

The NFR Hubs Romania team is an integral part of ING’s Non-Financial Risk domain. The team is responsible for ensuring consistent implementation of NFR frameworks, policies, and procedures, while fostering a collaborative and high-performing environment within the hubs.

The Information Risk Management (IRM) team within ING Global NFR Center in ING Hubs Romania, acting as part of Non-Financial Risk for ING Bank Romania acts as a 2nd Line function providing independent oversight and challenge on IT, information and operational resilience risks.

Through a combination of risk-based oversight, data-driven insights and close business partnership, IRM supports the identification, assessment and management of risks, enabling the bank to deliver its strategic objectives in a safe, compliant and resilient manner 

Your day to day

As an Information Risk Specialist (NFR Specialist), you will be responsible for:

• Partner with business and IT stakeholders as an independent 2nd Line function, ensuring that risk considerations are properly embedded into decision-making;
• Provide independent oversight and constructive challenge on how risks are identified, assessed and managed, ensuring alignment with risk frameworks and standards;
• Support a risk-based approach, focusing attention on areas with higher impact or exposure;
• Monitor and interpret the risk profile, highlighting trends, gaps and areas requiring attention or improvement;
• Contribute to a consistent application of risk frameworks across the organization;
• Balance oversight with enablement, supporting safe and compliant delivery of business and IT initiatives;
• Drive constructive dialogue on risk topics, helping teams make informed and proportionate decisions;
• Promote a strong risk culture through collaboration, knowledge sharing and continuous interaction.

Specific tasks

• Provide independent oversight and challenge on IT, information and operational resilience risks across the organization;
• Review and challenge risk assessments and related mitigation plans to ensure completeness and quality;
• Oversee the implementation and effectiveness of key risk and control frameworks;
• Contribute to risk governance, monitoring and reporting, including coordination and review of risk and control reporting from the 1st Line and follow-up on remediation actions;
• Act as a risk partner for assigned business areas, building effective working relationships and providing clear, actionable guidance;
• Perform thematic reviews, deep dives and data-driven analyses to identify trends, gaps and improvement areas, prepare reports summarizing monitoring outcomes for internal stakeholders;
• Monitor and challenge risk remediation and project-related risks across the lifecycle, including escalation where needed;
• Provide expert advice on risk policies, standards and procedures, and contribute to their continuous improvement and alignment with regulatory expectations.

What you’ll bring to the team

• University/Post Graduate (Master’s) or Bachelor Degree;
• Experience with Non-Financial Risk (NFR) Management frameworks, governance and methodology including related processes, controls and relevant regulations (e.g. EBA, ECB);
• Experience with Information & Technology Risk Management Policies and related internal control standards (e.g. Identity and Access Management, Cyber, Data, AI and Emerging Technologies etc.);
• 3+ years of working experience preferably within the banking sector and/or IT audit;
• Ability to challenge constructively and communicate clearly with stakeholders;
• Strong analytical skills and attention to detail;
• Ability to balance risk awareness with business needs;
• Collaborative mindset and willingness to work across teams.

If you want to deep dive into the processing of personal data conducted by ING Hubs Romania during the recruitment process and your rights related to it, read the privacy notices on ourwebsite (make sure to scroll until you reach the Data Protection section/ Candidates tab).