Chapter Lead Security Engineer
HBP (Amsterdam - Haarlerbergpark)
CoE IT Risk & Security is looking for a qualified cyber security manager/lead with excellent security background with recent and relevant working experience as a software security tester and/or as a team lead. Security testing experience in a financial environment could be advantageous but not determinant.
CoE IT & Risk and Security is part of Domestic Bank Netherland who’s tasked with reducing the IT risks of the organization. A group of highly skilled professionals from multiple risk and security disciplines that work together to assess risks and create controls to comply with regulatory requirements. The Security Engineering Chapter within the CoE IT Risk & Security consisting between 20-25 engineers is helping the DevOps teams to deliver secure products in production and is responsible to bring security awareness into the organization by giving trainings and presentations. Beside all the awareness work, the security chapters are responsible for executing complex penetration tests, secure code reviews, design review/threat modelling and work on security automation projects. The CoE IT Risk & Security has also a Security Research team where experts work together on complex vulnerability research projects to make impact and help our organization and others to stay one step ahead of advanced threats.
Roles and responsibilities
- Leading and coaching security engineers
- Security role model that brings new security knowledge to the teams
- Project management of several running projects and come with new projects that can make an impact throughout the organization
- Support the delivery of a roadmap
- Demonstrate excellent judgement in prioritizing security efforts to mitigate the appropriate risks
- Be a strong communicator and can translate security objectives to tech teams
- Managing several security services:
- Security requirements
- Threat Modelling
- Design Reviews
- Secure Code Review
- Penetration Tests
- Security Trainings
How to succeed
We hire smart people like you for your potential. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. In return, we’ll back you to develop into an even more awesome version of yourself.
- As a Security Chapter Lead you will be working with a team of great security engineers on several topics i.e. Security Testing, Security (Test) Automation, Security Research, and many others.
- You will help reduce the risk for the organization by helping DevOps teams to deliver secure products, coordinate and help your team to support 300+ DevOps teams thought-out SSDLC and coordinate the work with Risk departments within the CoE IT Risk & Security.
- You will help to create new strategic plans to be more efficient and work together with several other security departments. For example, Global CISO, Secure Defense Centre and other Product Security Teams across the world.
- You will also coach your team members and bring them to the next level in their career and improve their security knowledge.
- As an expert, you will contribute to the security research squad and visit conferences to bring new knowledge inside the company. You will act as a bridge from Security to our Risk departments.
- You also will assist with the continuous improvement of the processes critical to the success of the team.
- You will align with other DBNL Stakeholders in other domains including global CISO with your new initiatives.
- You will be reporting to the Head of IT Risk & Security.
- B.S. in Computer Science or related technical major (M.S./PhD preferred), or significant job experience.
- Experience in managing/leading a security team
- Out standing stakeholder management skills
- Experienced in working in complex environments
- Strong analytic skills and ability to solve highly complex problems
- Strong reporting skills
- Strong security knowledge with programming background
- Minimum 5 years penetration testing experience, with experience on mobile testing and APIs
- Experience with OWASP testing Guide / Open-Source Security Testing Methodology Manual
- Experience deploying enterprise security testing solutions
- Experience with cryptography, X509 certificates, signatures, securing TLS/SSL parameters, and certificate pinning
- Technical depth in many, if not most of the following areas: Java EE, Node.js, Scala, iOS, Android OS, Windows Mobile, web services.
- Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration
- Knowledge of cloud security
- Thought leadership in the security field, with demonstrable contributions to industry groups strongly desired
- Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns
- Eagerness to challenge the status quo, balanced with a reasonable and methodical approach to effecting change
- A fun and positive attitude!
Rewards & benefits
Rewards and benefits
We want to make sure that it’s possible for you to strike the right balance between your career and your private life. You can find out more about our employment conditions at https://www.ing.jobs/netherlands/Why-ING/benefits.htm
The benefits of working with us at ING include:
- A salary tailored to your qualities and experience
- 24-27 vacation days depending on contract
- Pension scheme
- 13th month salary
- Individual Savings Contribution (BIS), 3.5% of your gross annual salary
- 8% Holiday payment
- Personal growth and challenging work with endless possibilities
- An informal working environment with innovative colleagues
- Work Agile, so new ideas come to life faster
With 60,000 employees and operations in approximately 40 countries, there is no shortage of opportunities for people with initiative who want to help people take a step ahead in life and in business. Do you want to work at the cutting edge of what’s possible and at the same time ensure you work with integrity and hold the customer’s interests at heart? Do you want to be surrounded by progressive, inspiring, diverse and supportive colleagues? Then there is no better place to invest your talents than at ING. Join us. Apply today.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Senior Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Specialist jobs
- Open Chief Information Security Officer jobs
- Open Senior Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Security Specialist jobs
- Open Ingénieur DevSecops H/F jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open C-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open DevOps-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open Splunk-related jobs
- Open APIs-related jobs
- Open DevSecOps-related jobs
- Open IDS-related jobs