Business Control Specialist

Do you aspire to influence a vital and expanding part of a global bank? Be part of a team that ensures the safety of ING's payment products and technologies, while also supporting your colleagues. If you dedicated to risk and security, and prioritize quality and efficiency, then Payment & Settlement Services as a senior Business Control Specialist is the perfect fit for you.

As a Senior Business Control Specialist, you will function as a risk and security consultant, assisting the MT and DevOps teams in implementing controls using a risk- and threat-based strategy. You will maintain a close eye on strategic and tactical priorities, balancing risk and security levels, and optimising cost efficiency. You aim to create the most significant impact while balancing effort, risk and cost,

The team

You will be joining the IT risk and security team of PSS representing the 1ST LoD IT Risk Governance Risk and Control (GRC) function, led by the head of IT Risk and Security.

The team consists of 5 experts covering all IT risk areas. In collaboration with the Global CISO 2nd LoD and the PSS DevOps teams and leadership, you will work to keep PSS applications safe and compliant by proactively mitigating IT risks and security threats. This will involve supporting engineers with expert advice, identifying trends and structural issues through data analysis, as well as conducting risk and threat assessments. You will actively collaborate with the global teams and ensure that PSS interests and views are represented in the global tooling, process control standards and IT security standards.

Roles and responsibilities

The role will mainly focus on supporting the teams in the area of (application) security, next to writing a qualitative IT risk Opinion Report, interacting with 2nd Line of Defense (LoD) and Subject matter experts, DevOps teams, keep track of the overall process and effectively communicate progress and findings to the management team and senior management. Together with your colleagues you will support the engineering teams in best practice on security and support them with a risk- and threat-based approach, next to managing IT risk in an efficient and risk-based manner.

In this role you;

• Support the DevOps team with best practices and help them implement controls with a risk- and threat-based approach
• Gather IT risk-related data and perform trend analysis to find structural problems and deliver recommendations on how to solve
• Prepare the 1st LoD IT Risk Opinion Report, ensuring it is comprehensive, accurate, and timely.
• Collaborate with the 2nd LoD to ensure alignment on IT risk frameworks, policies, and standards.
• Collaborate with the various global CISO teams for global tooling improvements and implementation,
• Present the IT Risk Opinion Report to local MT and IT leads, effectively communicating key findings and recommendations.

How to succeed

We hire smart people like you for your potential and personality. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. Help others to grow. In return, we’ll back you to develop into an even more awesome version of yourself.

• Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or a related field.
• Experience in IT risk management, governance, and compliance.
• Hands-on experience in several IT risk and security areas, like Foundation, Identity and Access Management, IT Resilience, Attack Surface Management and sub-areas as well as Security Detection Response
• Thorough understanding of (INGs) IT risk frameworks, policies, and control standards.
• Up-to-date knowledge of trends and best practices in the cyber threat landscape
• Ability to analyze complex data and draw meaningful conclusions.
• Excellent written and verbal communication skills.
• Ability to present complex information clearly and engagingly.

Desirable Certifications:

• Certified Information Systems Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Information Systems Security Professional (CISSP)

Rewards and benefits

• We want to make sure that you can strike the right balance between your career and your private life. Find out more about our employment conditions.
• The benefits of working with us at ING include:
• 24-27 vacation days depending on the contract
• Pension scheme
• 13th-month salary
• Hybrid working
• Personal growth and challenging work with endless possibilities
• An informal working environment with innovative colleagues

About us
Curious about how ING empowers people and businesses to move forward? Discover what we do and what we can offer you.

Questions?
Contact the recruiter attached to the advertisement. Want to apply directly? Please upload your CV and motivation letter by clicking the ‘Apply’ button.