Defensive Security Expert I
CDR (Amsterdam - Cedar), Netherlands
Full Time Senior-level / Expert EUR 55K - 89K
Do you aspire to influence a vital and expanding part of a global bank? Be part of a team that ensures the safety of ING's payment products and technologies, while also supporting your colleagues. If you are dedicated to risk and security, and prioritize quality and efficiency, then Payment & Settlement Services as a Defensive Security Expert is the perfect fit for you.
As a Defensive Security Expert, you will support DevOps teams in implementing controls using a risk- and threat-based approach. You will keep a close eye on security and risk constraints, emphasising cost-efficiency and prioritisation. Your objective is to create the most significant impact with minimal effort and cost.
The team
You will be joining the IT risk and security team of PSS, representing the 1st LoD IT Risk Governance Risk and Control (GRC) function, led by the head of IT Risk and Security.
The team consists of 5 experts covering all IT risk areas. In collaboration with the Global CISO 2nd LoD and the PSS DevOps teams and leadership, you will work to keep PSS applications safe and compliant by proactively mitigating IT risks and security threats. This will involve supporting engineers with expert advice, identifying trends and structural issues through data analysis, as well as conducting risk and threat assessments. You will actively collaborate with global teams to ensure that PSS interests and views are represented in global tooling, process control standards, and IT security standards, and roll out these IT security standards across PSS.
Roles and responsibilities
The role will mainly focus on supporting the teams in the area of (application) security, next to writing a qualitative IT Risk Opinion Report, interacting with the 2nd Line of Defense (LoD), subject matter experts and DevOps teams, keeping track of the overall process, and effectively communicating progress and findings to the management team and senior management. Together with your colleagues you will support the engineering teams with security best practices and a risk- and threat-based approach, next to managing IT risk in an efficient and risk-based manner.
In this role you:
support the DevOps team with best practices and help them implement security standards and controls with a risk- and threat-based approach.
gather IT risk related data and perform trend analysis to find structural problems and deliver recommendations on how to solve them.
prepare the 1st LoD IT Risk Opinion Report, ensuring it is comprehensive, accurate, and timely for your process group(s).
collaborate with the 2nd LoD to ensure alignment on IT risk frameworks, policies, and standards.
collaborate with the various global CISO teams on global tooling improvements and implementation.
present the IT Risk Opinion Report to local MT and IT leads, effectively communicating key findings and recommendations.
How to succeed
We hire smart people like you for your potential and personality. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. Help others to grow. In return, we’ll back you to develop into an even more awesome version of yourself.
Minimum Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or a related field
At least 3 years of work experience in IT risk management, governance, and compliance
Hands-on experience in the security area, such as Attack Surface Management and its sub-areas as well as Security Detection Response, as an engineer or as a 1st LoD IT Risk consultant
Good understanding of (ING's) IT risk frameworks, policies, and control standards is key
Up-to-date knowledge on trends and best practice in the cyber threat landscape
Ability to analyze complex data and draw meaningful conclusions.
Excellent written and verbal communication skills.
Ability to present complex information in a clear and engaging manner.
Desirable certifications (at least one):
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC)
Certified Information Systems Security Professional (CISSP)
Rewards and benefits
We want to make sure that it’s possible for you to strike the right balance between your career and your private life. You can find out more about our employment conditions at Benefits in the Netherlands
The benefits of working with us at ING include:
A base salary in scale 10 (€ 4.596 - € 7.460) gross per month based on 36 hours
A salary tailored to your qualities and experience
24-27 vacation days depending on contract
Pension scheme
13th month salary
Individual Savings Contribution (BIS), 3.5% of your gross annual salary
8% Holiday payment
Hybrid working to blend home working for focus and office working for collaboration and co-creation
Personal growth and challenging work with endless possibilities
An informal working environment with innovative colleagues
About us
Curious about how ING empowers people and businesses to move forward? Discover what we do and what we can offer you.
Questions?
Contact the recruiter attached to the advertisement. Want to apply directly? Please upload your CV and motivation letter by clicking the ‘Apply’ button.