IT Security Engineer

In order to strengthen our Wholesale Bank IT & Cyber Risk Team we are looking for an IT Security Engineer.

Your role and work environment

The purpose of CoE IT & Cyber Risk is ensuring ING will be amongst the safest banks and will be seen as a leader in (IT) security. We assist WB Tech globally in being successful in IT Risk and IT Security. Overall we ensure that IT Risk and IT Security is part of our DNA.

You will work for an IT & Cyber Risk team responsible for supporting all DevOps teams covering 450+ global WB applications. Also the team operates closely with peer IT & Cyber Risk teams and external partners around the globe.  

You support to create a cohesive IT Security Strategy, a roadmap for strategy implementation and you’re responsible for delivering security & risk awareness throughout WB Tech. You’re familiar with the application environments within WB Tech globally in order to be able to drive the integration of IT Security in the DevOps way of working.

As a security engineer in the IT & Cyber Risk Team you will be responsible for advising, training and reviewing DevOps teams globally with:

• Secure Azure DevOps pipelines
• Resilient application landscapes
• Application monitoring
• Service level indicators and service level objectives
• Security Testing (SAST, DAST, SCA)
• Secure SDLC (incl. code review, requirements setting, security config)
• Application Security (incl. application hardening,  pen testing)
• Secure Network designs
• Manage Third Party & Cloud Security

You will achieve this through:

• Presenting, visiting teams and their IT - management.
• Writing strong work instructions
• Reporting and trend analysis

Your profile

You are an energetic and proactive IT Security professional with a passion for securing WB Tech environments and a positive, “Do it-Try it-Fix it” mentality. You are a natural team player who forms relationships based on social skills rather than hierarchical structure. Enhancing the security controls and ultimately make ING safer, is a challenge to you. Close cooperation with and between the DevOps squads is your greatest achievement.

You have a broad understanding of both technical and orange code competences with which you feel comfortable with all WB Tech services and know your way around the WB Tech squads globally. You continuously strive to develop both yourself and your colleagues in the security mind-set.

You are an ambassador for IT Security around the globe. This role requires emphasis on the following:

Skills and competences

• You have excellent problem-solving skills and are passionate about IT Security
• You are inspiring and show energy and passion
• You are capable of implementing one way of working regarding the implementation of IT Security & IT Risk controls across WB Tech countries
• You have a good feel on how things work in the international WB Tech organisation
• You are focused on cross border collaboration: you help others to be successful
• You are able to design technical Security solutions
• Scripting: to automate recurring tasks, such as Perl, Python, etc.
• Understanding of (building) Azure Pipelines
• Knowledge of security testing (e.g. via Checkmarks)
• Understanding of network protocols
• Understanding of resilience patterns

Experience and Education

• In-depth knowledge of security frameworks, standards, and best practices, such as ITIL, ISO27001, OWASP and PCI-DSS
• Master / Batchelor degree in IT Security or related domains
• Related certifications such as CISSP, CISM, CCSP or similar experience
• 3+ years Experience with AzDo Pipelines

Languages

• English and preferably Dutch