Cyber Risk Governance Specialist @ING Hubs Romania

Discover ING Hubs Romania

ING Hubs Romania offers 130 services in software development, data management, non-financial risk & compliance, audit, and retail operations to 24 ING units worldwide, with the help of over 1700 high-performing engineers, risk, and operations professionals.

We started out in 2015 as ING’s software development hub – a distinct entity from ING Bank Romania – then steadily expanded our range to include more services and competencies.

Now we provide borderless services with bank-wide capabilities and operate from two locations: Bucharest and Cluj-Napoca.

Our tech capabilities remain the core of our business, with more than 1500 colleagues active in Data Management, Touchpoint Channels & Integration, Core Banking, and Global Products.

We enjoy a flexible way of working and a highly collaborative environment, where fair and constructive feedback is encouraged.

For us, impact isn't a perk. It's the driver of our work.

We are guided and rewarded by a shared desire to make the world a better place, one innovative solution at a time. Our colleagues make it their job to do impactful things and they love doing it in good company. Do you?

The Mission

Keeping the company safe, secure and compliant is a top priority at ING.

As part of the IT Security & Risk 1st LoD team your focus will be on providing IT risk subject matter expertise, education and instilling the core IT risk mindset and culture. You will be contributing to the review of evidence of various IT controls, contributing on awareness in IT risk and IT security and be involved in the IT risk assessment exercises.

Your day-to-day

• Evaluate IT controls for design and effectiveness;
• Initiate and facilitate IT risk assessments in line with internal frameworks, procedures and guidelines;
• Provide guidance and expertise to DevOps Teams in IT Risk Managements related activities;
• Monitors and reports progress on identified issues/risks;
• Act and advise on IT issues (e.g. IT Audit points);
• Contribute to the local IT security policies, procedures, guidelines and runbooks in line with internal policies and industry best practices;
• Liaison between 1 line of defense and 2nd/3rd lines of defense;
• Provide training & awareness activities on IT Risk topics;
• Perform relevant reporting where required (e.g. to management team, application owners, IT Custodians);
• Contribute to the local projects.

What you’ll bring to the team

• 3-5 years (preferably in software company or financial institution) in an IT Auditor, IT Risk Officer, IT Compliance Specialist, IT Security Officer or similar role;
• Familiar with ISO/IEC 27000 family of standards, COBIT, NIST, CIS and similar frameworks;
• Understand various technologies (e.g. operating systems, databases, virtualization, cloud) and SDLC;
• Nice to have relevant trainings and certifications (e.g. CISA, CRISC, CISM, CISSP, CEH, ISO27001);
• Fluency in English (written and oral).

If you want to deep dive into the processing of personal data conducted by ING Hubs Romania during the recruitment process and your rights related to it, read the privacy notices on our website (make sure to scroll until you reach the Data Protection section/ Candidates tab).