Information Security Officer
HBP (Amsterdam - Haarlerbergpark)
ING is looking for an Information Security Officer (ISO)
ING is a bank that is known for its IT innovations and has a primarily focus on Risk & Security.
ING CISO Domestic Bank NL (DBNL) is looking for a passionate and inspiring Non-Financial Risk specialist, who will support the CISO department and the IT organization in the role of Information security officer (hereafter: ISO).
As a ISO you enable IT senior management to work on IT Risk & Security activities ensuring the ING Market Leader applications and processes for DBNL are and remain safe and compliant.
In the function of ISO your main focus will be
To act as a customer success manager for DBNL Tech NL IT leadership to ensure a secure & compliant practice across the IT domain(s) within scope of your responsibility.
You will fulfil this goal by:
- Being the IT risk area expert for at least one of the six key IT risk area’s that we manage within the ING IT Risk & Control framework (Foundation, Identity & Access Management, Change Management, Platform Security, Operational Resilience, or Security Monitoring).
- Acting as an IT-risk and security representative in DBNL for the Tech NL IT domains.
- Developing and overseeing the implementation of IT-risk and security policies, procedures and controls within DBNL Tech NL IT domains.
- Working with Tech NL IT leads and IT area leads to establish and maintain a structured IT-risk and compliance management program to maintain the risk scores on the target levels and, where possible, reduce and/or mitigate the various risks.
- Providing guidance and support to Tech NL IT domains on IT-risk and security best practices.
- Assisting and advising Tech NL IT domains on IT-risk and security compliance (ITRMP controls, CAS findings, MIA’s, vulnerabilities, and other issues).
- Supporting with drafting required MIA’s / risk acceptance and remediation of IT-risk & control issues and security incidents.
- Facilitating IT-risk and security awareness training programs.
- Initiating improvements for the various IT risk areas, audits and policies.
- Monitoring and reporting on status and progress of IT-risk and security compliance state, issue mitigations, audit findings and other relevant KRI’s/KPI’s.
Your working Environment:
As CISO DBNL department, we take responsibility for IT Risk & Security within Domestic Bank focusing on creating a Safe & Compliant bank.
As Non-Financial Risk specialist / ISO you will liaise with all levels of defence in ING’s risk model ranging from engineers, IT management and CISO in the first line, Information Risk Officers and policy makers in the 2nd line to auditors in the 3rd line. You will maintain these relations to build a safe, secure and compliant bank with a detailed focus on IT Risk & Security.
ING works in multi-disciplinary teams based on Scrum, Agile and DevOps principles. Responsibility for Infra and Security is adapted within the squads, business & IT have joined, making a squad end-to-end responsible for a customer journey or product. This is also called the ING adaptation of the ‘Spotify’ model. For more about our way of working please visit: https://www.youtube.com/watch?v=D3iu2kfZ3w4
The type of person we are looking for
- Inspiring, full of energy, proactive.
- Focused on working together, facilitating others within CISO and its stakeholders to be successful.
- You don’t take things as granted and you are willing to challenge the status quo.
- You have experience and knowledge of IT Risk & Security and its related processes.
- You are strong at stakeholder management.
- You drive for results and you think in possibilities.
- You are constantly looking for improvements.
- You are a self-starter and eager to learn and continuous develop yourself in the various IT risk area’s
- Good at presenting.
The skillset you need to have
A University / Post Graduate (Masters) degree in computer science or a comparable education.
- Certification like CISSP, CISM, CRISC or CISA are a pre.
- IT & Security risk management expertise.
- Stakeholder management skills.
- People management and coaching skills.
- Strong analytical skills and critical thinking.
- Strong communicational skills.
- Project management and reporting skills.
- Strong consulting, negotiating, and presenting skills.
- Strong business insight.
- Speaking and writing the English language is a must have.
ING sets high standards for a high-performing culture, but also for our values according we are working to. These values are defined in the “orange code”. Check out more on: https://www.ing.jobs/Global/Careers/Orange-code.htm
Rewards and benefits
We want to make sure that it’s possible for you to strike the right balance between your career and your private life. You can find out more about our employment conditions at https://www.ing.jobs/netherlands/Why-ING/benefits.html
The benefits of working with us at ING include:
● A salary tailored to your qualities and experience
● 24-27 vacation days depending on contract
● Pension scheme
● 13th month salary
● Individual Savings Contribution (BIS), 3.5% of your gross annual salary
● 8% Holiday payment
● Hybrid working to blend home working for focus and office working for collaboration and co-creation
● Personal growth and challenging work with endless possibilities
● An informal working environment with innovative colleagues
With 60,000 employees and operations in approximately 40 countries, there is no shortage of opportunities for people with initiative who want to help people take a step ahead in life and in business. Do you want to work at the cutting edge of what’s possible and at the same time ensure you work with integrity and hold the customer’s interests at heart? Do you want to be surrounded by progressive, inspiring, diverse and supportive colleagues? Then there is no better place to invest your talents than at ING. Join us. Apply today.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Architect jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Ingénieur DevSecops H/F jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Infosec Risk Manager jobs
- Open Agile-related jobs
- Open C-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open DevOps-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs