Defensive Security Expert II

Do you aspire to influence a vital and expanding part of a global bank? Be part of a team that ensures the safety of ING's payment products and technologies, while also supporting your colleagues. If you are dedicated to risk and security, and prioritize quality and efficiency, then Payment & Settlement Services as a Defensive Security Expert is the perfect fit for you.

As a Defensive Security Expert, you will support DevOps teams in implementing controls using a risk- and threat-based approach. You will keep a close eye on security and risk constraints, emphasizing cost-efficiency and prioritization. Your objective is to create the most significant impact with minimal effort and cost.

The team

You will be joining the IT risk and security team of PSS representing the 1ST LoD IT Risk Governance Risk and Control (GRC) function, led by the head of IT Risk and Security.

The team consists of 5 experts covering all IT risk areas. In collaboration with Global CISO 2nd LoD and the PSS DevOps teams and leadership, you will be working to keep PSS applications safe, and compliant by mitigating pro-actively IT risk and security threats by supporting engineers with good advice, finding trends and structural issues through data analysis as well as risk and threat assessments. You will actively collaborate with the global teams and ensure that PSS interests and views are represented in the global tooling, process control standards and IT security standards, next to roll out these IT security standards across PSS.

Roles and responsibilities

The role will mainly focus on supporting the teams in the area of (application) security, next to writing a qualitative IT risk Opinion Report, interacting with 2nd Line of Defense (LoD) and Subject matter experts, DevOps teams, keeping track of the overall process and effectively communicate progress and findings to the management team and senior management. Together with your colleagues you will support the engineering teams in best practice on security and support them with a risk- and threat-based approach, next to managing IT risk in an efficient and risk-based manner.

In this role you;

• support the DevOps team with best practices and help them to implement security standards and controls with a risk- and threat-based approach

• gather IT risk-related data perform trend analysis to find structural problems and deliver recommendations on how to solve them.

• prepare the 1st LoD IT Risk Opinion Report, ensuring it is comprehensive, accurate, and timely for your process group(s).

• collaborate with the 2nd LoD to ensure alignment on IT risk frameworks, policies, and standards.

• collaborate with the various global CISO teams for global tooling improvements and implementation.

• present the IT Risk Opinion Report to local MT and IT leads, effectively communicating key findings and recommendations.

How to succeed

We hire smart people like you for your potential and personality. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. Help others to grow. In return, we’ll back you to develop into an even more awesome version of yourself.

• Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or a related field.

• Experience in IT risk management, governance, and compliance.

• Hands-on experience in the security area, like Attack Surface Management and sub-areas as well as Security Detection Response

• Thorough understanding of (INGs) IT risk frameworks, policies, and control standards.

• Up-to-date knowledge of trends and best practices in the cyber threat landscape

• Ability to analyze complex data and draw meaningful conclusions.

• Excellent written and verbal communication skills.

• Ability to present complex information in a clear and engaging manner.

Desirable Certifications:

• Certified Information Systems Auditor (CISA)

• Certified in Risk and Information Systems Control (CRISC)

• Certified Information Systems Security Professional (CISSP)

Rewards and benefits

• We want to make sure that you can strike the right balance between your career and your private life. Find out more about our employment conditions.
• The benefits of working with us at ING include:
• 24-27 vacation days depending on the contract
• Pension scheme
• 13th-month salary
• Hybrid working
• Personal growth and challenging work with endless possibilities
• An informal working environment with innovative colleagues

About us
Curious about how ING empowers people and businesses to move forward? Discover what we do and what we can offer you.

Questions?
Contact the recruiter attached to the advertisement. Want to apply directly? Please upload your CV and motivation letter by clicking the ‘Apply’ button.