Chapter Lead Security Engineer
HBP (Amsterdam - Haarlerbergpark)
CoE IT Risk & Security is looking for a qualified cyber security manager/lead with excellent security background with recent and relevant working experience as a software security tester and/or as a team lead. Security testing experience in a financial environment could be advantageous but not determinant.
The team
CoE IT & Risk and Security is part of Domestic Bank Netherland who’s tasked with reducing the IT risks of the organization. A group of highly skilled professionals from multiple risk and security disciplines that work together to assess risks and create controls to comply with regulatory requirements. The Security Engineering Chapter within the CoE IT Risk & Security consisting between 20-25 engineers is helping the DevOps teams to deliver secure products in production and is responsible to bring security awareness into the organization by giving trainings and presentations. Beside all the awareness work, the security chapters are responsible for executing complex penetration tests, secure code reviews, design review/threat modelling and work on security automation projects. The CoE IT Risk & Security has also a Security Research team where experts work together on complex vulnerability research projects to make impact and help our organization and others to stay one step ahead of advanced threats.
Roles and responsibilities
- Leading and coaching security engineers
- Security role model that brings new security knowledge to the teams
- Project management of several running projects and come with new projects that can make an impact throughout the organization
- Support the delivery of a roadmap
- Demonstrate excellent judgement in prioritizing security efforts to mitigate the appropriate risks
- Be a strong communicator and can translate security objectives to tech teams
- Managing several security services:
- Security requirements
- Threat Modelling
- Design Reviews
- Secure Code Review
- Penetration Tests
- Security Trainings
How to succeed
We hire smart people like you for your potential. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. In return, we’ll back you to develop into an even more awesome version of yourself.
- As a Security Chapter Lead you will be working with a team of great security engineers on several topics i.e. Security Testing, Security (Test) Automation, Security Research, and many others.
- You will help reduce the risk for the organization by helping DevOps teams to deliver secure products, coordinate and help your team to support 300+ DevOps teams thought-out SSDLC and coordinate the work with Risk departments within the CoE IT Risk & Security.
- You will help to create new strategic plans to be more efficient and work together with several other security departments. For example, Global CISO, Secure Defense Centre and other Product Security Teams across the world.
- You will also coach your team members and bring them to the next level in their career and improve their security knowledge.
- As an expert, you will contribute to the security research squad and visit conferences to bring new knowledge inside the company. You will act as a bridge from Security to our Risk departments.
- You also will assist with the continuous improvement of the processes critical to the success of the team.
- You will align with other DBNL Stakeholders in other domains including global CISO with your new initiatives.
- You will be reporting to the Head of IT Risk & Security.
Requirements
- B.S. in Computer Science or related technical major (M.S./PhD preferred), or significant job experience.
- Experience in managing/leading a security team
- Out standing stakeholder management skills
- Experienced in working in complex environments
- Strong analytic skills and ability to solve highly complex problems
- Strong reporting skills
- Strong security knowledge with programming background
- Minimum 5 years penetration testing experience, with experience on mobile testing and APIs
- Experience with OWASP testing Guide / Open-Source Security Testing Methodology Manual
- Experience deploying enterprise security testing solutions
- Experience with cryptography, X509 certificates, signatures, securing TLS/SSL parameters, and certificate pinning
- Technical depth in many, if not most of the following areas: Java EE, Node.js, Scala, iOS, Android OS, Windows Mobile, web services.
- Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration
- Knowledge of cloud security
- Thought leadership in the security field, with demonstrable contributions to industry groups strongly desired
- Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns
- Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change
- A fun and positive attitude!
Rewards & benefits
Rewards and benefits
We want to make sure that it’s possible for you to strike the right balance between your career and your private life. You can find out more about our employment conditions at https://www.ing.jobs/netherlands/Why-ING/benefits.htm
The benefits of working with us at ING include:
- A salary tailored to your qualities and experience
- 24-27 vacation days depending on contract
- Pension scheme
- 13th month salary
- Individual Savings Contribution (BIS), 3.5% of your gross annual salary
- 8% Holiday payment
- Personal growth and challenging work with endless possibilities
- An informal working environment with innovative colleagues
- Work Agile, so new ideas come to life faster
About us
With 60,000 employees and operations in approximately 40 countries, there is no shortage of opportunities for people with initiative who want to help people take a step ahead in life and in business. Do you want to work at the cutting edge of what’s possible and at the same time ensure you work with integrity and hold the customer’s interests at heart? Do you want to be surrounded by progressive, inspiring, diverse and supportive colleagues? Then there is no better place to invest your talents than at ING. Join us. Apply today.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Android APIs Automation CISO Cloud Compliance Computer Science Cryptography DevOps iOS Java Node.js OWASP Pentesting PhD Product security Scala TLS Windows
Perks/benefits: Career development Conferences
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open SQL-related jobs
- Open PowerShell-related jobs