Risk Management, red teaming
Bachelor (EQF 6)
Your work environment:
Winning the war against the criminals by stealing their operation theater with the license to hack!
Criminals only need to be one time right, while we need to be always vigilant to stop the ever evolving threat actors. That is why as a red team professional you think like a criminal and test the overall global security for ING bank which includes people, process and technology.
You will be part of the security assessment services (SAS) Team which is part of the Global CISO office.
We focus on strengthening IT Security strategy of the bank and keeping it sharp to meet the cyber security challenges and ensure ING is focusing on areas of absolute relevance when it comes to preventive and detective measures.
SAS has a hands on approach when it comes to security and focuses on constant up gradation of security assessment skills by means of research and on the job experience.
You will be working in a highly specialized team focused on core concepts of cyber security. Your colleagues have a proven track record of building thought leadership in the field of cyber security. The activities take place in a multicultural team with a global scope where the standard language is English.
Analytic mind, make-it-happen mentality to IT security and proven cyber security track record are prerequisites for this role.
In you’re daily job you will:
- Focus on the planning, preparation and execution of global security assessments – like red team exercises - and you will provide technical expertise, analytical skills, documentation and recommendation of improvements.
- Have a helicopter view and determine priorities based on context across teams, business units and domains and deliver individually or in a small team.
- Make sure red team findings are addressed and advise on how to mitigate and make sure they are followed-up.
- Guide towards best practices, industry standards and solutions to assure quality and continuous improvement of our security testing capabilities.
- Contribute in assessing ethical and risk dilemmas before, during and after red teaming exercises.
- Contribute to the engagements with 3rd parties and regulatory red teams like TIBER.
- Develop and maintain a trust-based relationships with relevant stakeholders and address potential distraction and politics that could impact the teams objectives.
- Pro-actively contribute to the vision and roadmap of the team and combines and builds on the ideas of yourself or others to improve and innovate.
- Act as an expert and contribute to the continuous development of the team. You are involved in training and coaching on the job to (more junior) colleagues within ING and you seek coaching by senior colleagues. And you contribute to building and maintain a security culture.
- Have a thorough understanding of security testing methodologies and contribute the team is recognized in their expertise others when they encounter challenges in the field of cyber security and you are a sparring partner for the leadership team.
- You pro-actively give and receive feedback and act upon it and contribute to an environment of open dialogues that encourage expertise and personal development.
Who are you?
- Education level: Bachelor.
- Passionate about the field of cyber security / resilience.
- Minimal 3 years of hands on experience in information security, and experience in red teaming exercises.
- Independent thinker with functional and technical ability to execute follow up and advise where necessary on identified gaps.
- Able to maintain and review the compliance status.
- Able to operate at an advanced level of written and spoken communication; including writing professional reports and making corporate style power point presentations to explain findings.
- Seamless ability to communicate technical issues in a business language.
- Executing security operations in an international environment.
- Analyze and contribute on performance indicators and quality.
- Knowledge in evasion and hacking of threat detection or monitoring technique.
- You are an enthusiastic, social, ambitious team member with the goal to add value to our team and department.
- Familiar with the agile way of work.
- Prior experience working as a Red team consultant for a bank, government, Big -4 or defense agency is a plus.
- Holding certifications like OSCP, OSWP, CISSP, GIAC Certified Penetration Tester (GPEN) / certified expert penetration Tester (CEPT) is a plus.
- Problem solving
- Result driven
- Team player
- Can do- will do attitude
- Promotor of our orange code
What do we offer
Modern working conditions that give room for individual choices
An entrepreneurial and creative atmosphere that gives you the freedom to use your talent, express your ideas and execute them;
People who are willing to grow as we grow receive maximum scope for their own initiatives and developmental opportunities.
Apply directly online, click on Apply for this assignment. Please send your CV and motivation. We are looking forward to your application!
For more information on assignments please check www.ING.nl/carriere