At ING we value and support our employees before recruiting external talent. If you think this vacancy is the right next step in your ING career, we’d encourage you to apply. Should you have questions about the vacancy or need to hear more before you feel you can apply. Please do not hesitate to reach out to the responsible recruiter.
Cyber Security Expert / Specialist - Tech DB NL CISO team
There has never been a more interesting time to work at ING. We’re on a journey that’s centred around our customers, powered by technology and driven by smart, determined people. Our customers feel our people are empowering them to stay a step ahead in life and in business.
We believe ING plays a pivotal role in protecting our society: in a changing and uncertain digital world we provide peace of mind by ensuring ING is the safest bank. Confidence in the brand of ING, to secure data and services, is the foundation of our existence.
Do you want to make a concrete contribution to combat cyberthreats? Then the role of cyber security expert as part of the Tech DB NL CISO team at ING is perfect for you!
Your role & work environment
You will be part of the CISO office of ING in the Netherlands. The CISO office is responsible for information security and is part of Tech department in the Netherlands. You will help transform the team to the next phase and set up a team of dynamic security professionals. Every day will be different working in this team as you will need to engage with both C-level management as operational security professionals. Within the CISO office, you, as expert, will be responsible of training your direct colleagues and also other direct stakeholders. Next to this, your focus will on be continuously improving the security of all of our assets by assessing and improving our current solutions. Finally, you will ensure that ING remains a front-runner in cybersecurity by keeping up with the latest trends and technologies in cyber security and ensure proper adoption within ING.
Your key responsibilities
- You work closely together with the CISO Lead to establish and operate a CISO office for DB NL and assist in recruiting new team members to strengthen the team. You are the first point of contact in communication with our stakeholders in the Netherlands – mainly bank CISO, the IT security organization and the different operational security teams;
- You will fulfill the role of Cyber Security Expert for the CISO team in the Netherlands. This means that you will lead by example, initiate security improvements, identify upcoming threats and contribute actively in defining and implementing the security strategy for DB NL.
- Based on your experience and knowledge you prioritize and steer the backlog for the CISO team based on continuous alignment with our different stakeholders. These main stakeholders include bank CISO, the IT security organization and the different operational security teams.
- You establish and facilitate state of the art integrated security threat and IT risk profile assessments in collaboration with all relevant stakeholders;
- As security subject matter expert, you contribute to the security vision and drive the security roadmap for the organisation together with the DBNL CISO and other stakeholders. You perform and deliver maturity and value assessments of the different security capabilities to identify improvement needs and opportunities.
- You organize and conduct business-facing threat assessment and prioritization sessions, with the goal of identifying top risks and related mitigating efforts (“Security Watch”). You manage the portfolio of security efforts tied to those assessments – examples include, the scoping and execution of red/blue team engagement, the implementation of additional security measures (e.g. identity and access solutions), the execution of specialized training programs, the definition of threat profiles and intelligence gathering in collaboration with the Global Intelligence Centre.
- You provide expert support and facilitation during Detailed Risk Assessments (DRA) and scenario analysis;
- You contribute to Red/ Blue team exercise by identifying relevant threats/ scenarios;
- You assist in development of global Security Baseline security standard and guidance and support local Security Baseline template updates;
- You translate the relevant cyber threats and risks into relevant and effective internal training and awareness campaigns.
- You own the coordination and support the execution of scenario analysis deep dive sessions with business and IT stakeholders. These sessions aim at identifying specific threats impacting business critical processes and assets and to identify actions and remediations to be implemented. This may include refinement of security event monitoring use cases, strengthening of security baseline designs.
What are we looking for?
A colleague with a talent for taking it on and making it happen, enthusiasm for helping others to be successful and a knack for always being a step ahead. In other words, you strive to bring fresh ideas to life and embrace challenges in a fast changing and complex environment. You are a naturally collaborative person who listens and invests in others to achieve common goals. You love to challenge the status quo and are eager to propose creative solutions to problems.
As Cyber Security Expert / Specialist you will also need:
- 10+ years of professional experience in IT or information security
- BS/MS degree in computer science or related field. Certification like CISSP, CISM, etc. are highly recommended
- Clear track record as Cyber Security Expert / Specialist throughout different levels and organisations
- Proven experience in product ownership and/ or project management/ road management for large security project. Proven experience in successfully managing stakeholder expectations in complex environments;
- Prior experience in performing threat assessments and scenario analysis and assessing security capability maturity;
- Prior experience in risk management or experience working across lines of defence is an added benefit;
- Applied knowledge of various information security frameworks (e.g. ISO27001, NIST, CIS)
- Strong analytical skills and ability to solve high complexity problems
- Outstanding oral and written communication skills
- Strong communication and reporting skills (including C-level reporting)
- Experience of working in complex environments
- Team player and collaborative
- Excellent command of the English language, both in writing and in speech
What do we offer you?
- Function classified in function scale 12.
- Based in the Netherlands, Amsterdam however upcoming months hybrid working (50/50 Home vs Office) will remain the standard.
- Plenty of personal development and possibilities and career options
- Laptop and mobile phone
- A clear purpose, a unique offer and a range of flexible compensation and other benefits:
- Personal growth & challenging work with many opportunities to realise your ambitions
- A progressive and agile way of working, where new ideas are valued ahead of convention
Furthermore, within the CISO department, you can count on a range of opportunities to invest in your personal and professional growth with:
- Coaching by our agile coaches to take your skills to the next level;
- A diverse range of projects making sure you are always challenged and continue to grow professionally;
- The opportunity to represent ING in industrywide/ national security bodies (Cyber Security coalition, national CERT,…) offering you the opportunity to work with and learn from captains of industry;
- A broad training curriculum, tailored to your personal interests.
How can you apply?
Are you enthusiastic? Then click on apply. You can express your interest through a letter of application in which you state why you are ideally suited for this position. We would also like to receive your current CV.
If you have any questions about the role of Cyber Security Expert / Specialist within Tech DB NL CISO team, please contact Léon Janson, Head of IT Risk & Security DB NL
We are looking forward to meet you!