Information Security Officer

ING is looking for an Information Security Officer (ISO)

ING is a bank that is known for its IT innovations and has a primarily focus on Risk & Security.

ING CISO Domestic Bank NL (DBNL) is looking for a passionate and inspiring Non-Financial Risk specialist, who will support the CISO department and the IT organization in the role of Information security officer (hereafter: ISO).

As a ISO you enable IT senior management to work on IT Risk & Security activities ensuring the ING Market Leader applications and processes for DBNL are and remain safe and compliant.

In the function of ISO your main focus will be

To act as a customer success manager for DBNL Tech NL IT leadership to ensure a secure & compliant practice across the IT domain(s) within scope of your responsibility.

You will fulfil this goal by:

• Being the IT risk area expert for at least one of the six key IT risk area’s that we manage within the ING IT Risk & Control framework (Foundation, Identity & Access Management, Change Management, Platform Security, Operational Resilience, or Security Monitoring).
• Acting as an IT-risk and security representative in DBNL for the Tech NL IT domains.
• Developing and overseeing the implementation of IT-risk and security policies, procedures and controls within DBNL Tech NL IT domains.
• Working with Tech NL IT leads and IT area leads to establish and maintain a structured IT-risk and compliance management program to maintain the risk scores on the target levels and, where possible, reduce and/or mitigate the various risks.
• Providing guidance and support to Tech NL IT domains on IT-risk and security best practices.
• Assisting and advising Tech NL IT domains on IT-risk and security compliance (ITRMP controls, CAS findings, MIA’s, vulnerabilities, and other issues).
• Supporting with drafting required MIA’s / risk acceptance and remediation of IT-risk & control issues and security incidents.
• Facilitating IT-risk and security awareness training programs.
• Initiating improvements for the various IT risk areas, audits and policies.
• Monitoring and reporting on status and progress of IT-risk and security compliance state, issue mitigations, audit findings and other relevant KRI’s/KPI’s.

Your working Environment:

As CISO DBNL department, we take responsibility for IT Risk & Security within Domestic Bank focusing on creating a Safe & Compliant bank.

As Non-Financial Risk specialist / ISO you will liaise with all levels of defence in ING’s risk model ranging from engineers, IT management and CISO in the first line, Information Risk Officers and policy makers in the 2nd line to auditors in the 3rd line. You will maintain these relations to build a safe, secure and compliant bank with a detailed focus on IT Risk & Security.

ING works in multi-disciplinary teams based on Scrum, Agile and DevOps principles. Responsibility for Infra and Security is adapted within the squads, business & IT have joined, making a squad end-to-end responsible for a customer journey or product. This is also called the ING adaptation of the ‘Spotify’ model. For more about our way of working please visit: https://www.youtube.com/watch?v=D3iu2kfZ3w4

The type of person we are looking for

• Inspiring, full of energy, proactive.
• Focused on working together, facilitating others within CISO and its stakeholders to be successful.
• You don’t take things as granted and you are willing to challenge the status quo.
• You have experience and knowledge of IT Risk & Security and its related processes.
• You are strong at stakeholder management.
• You drive for results and you think in possibilities.
• You are constantly looking for improvements.
• You are a self-starter and eager to learn and continuous develop yourself in the various IT risk area’s
• Good at presenting.

The skillset you need to have

A University / Post Graduate (Masters) degree in computer science or a comparable education.

• Certification like CISSP, CISM, CRISC or CISA are a pre.
• IT & Security risk management expertise.
• Stakeholder management skills.
• People management and coaching skills.
• Strong analytical skills and critical thinking.
• Strong communicational skills.
• Project management and reporting skills.
• Strong consulting, negotiating, and presenting skills.
• Strong business insight.
• Speaking and writing the English language is a must have.  

ING sets high standards for a high-performing culture, but also for our values according we are working to. These values are defined in the “orange code”. Check out more on: https://www.ing.jobs/Global/Careers/Orange-code.htm

Rewards and benefits

We want to make sure that it’s possible for you to strike the right balance between your career and your private life. You can find out more about our employment conditions at https://www.ing.jobs/netherlands/Why-ING/benefits.html

The benefits of working with us at ING include:

● A salary tailored to your qualities and experience

● 24-27 vacation days depending on contract

● Pension scheme

● 13th month salary

● Individual Savings Contribution (BIS), 3.5% of your gross annual salary

● 8% Holiday payment

● Hybrid working to blend home working for focus and office working for collaboration and co-creation

● Personal growth and challenging work with endless possibilities

● An informal working environment with innovative colleagues

About us

With 60,000 employees and operations in approximately 40 countries, there is no shortage of opportunities for people with initiative who want to help people take a step ahead in life and in business. Do you want to work at the cutting edge of what’s possible and at the same time ensure you work with integrity and hold the customer’s interests at heart? Do you want to be surrounded by progressive, inspiring, diverse and supportive colleagues? Then there is no better place to invest your talents than at ING. Join us. Apply today.