Permanent employment
Bachelor (EQF 6), Master (EQF 7)
Apply before:
Hours p/wk:



ING’s global CISO organisation is responsible to assist ING management, business and other tribes in providing customer friendly services in a safe and secure way. Business leaders and CISO are jointly responsible for bank-wide security. CISO is mandated to drive required change in all domains, business and IT.


The Business Control & Transformation team organizes global CISO’s governance, transformation program, ensuring high performance and risk management of global CISO services (e.g. Vulnerability Management, Security Detection & Response, Identity & Access Management).


Within the BCT department, Senior Consultant are part of the team Performance, Risk & Regulatory (PRR). This team focusses on:

  • Maintain overarching IT Security framework (Process Control / IT Security Standards) and its interrelations (created by the CISO solution squads and circles)
  • Manage CISO’s overall operating model globally
  • Manage risk, compliance and (outstanding) audit activities for CISO
  • Manage regulatory affairs, internal and external relationships e.g. ECB, DNB, other banks, NCSC
  • Manage performance insights of CISO services
  • Facilitate innovation with CISO’s eco-system for more revolutionary changes
  • Manage service agreements / suppliers to global CISO

Key Responsibilities – What we offer you

  • You will assist in performing relevant insights where required (e.g. to CISO global, NFRC etc. )
  • Drafting action plans to resolve CISO related (audit) issues and coordinating timely execution of action plans
  • Aligning and collaborating with CISO’s internal stakeholders, including IBSS as service provider, engineering tribes, CAS, CIRM and other CoEs.
  • Aligning and collaborating with CISO’s external stakeholders such as the external auditor and other parties in the eco-system.
  • Developing presentations and providing workshops and trainings to ING’s CISO community in the field of Cyber Security
  • 1st line risk monitoring for IT Controls implementation within CISO
  • Liaise with external parties, 2nd line (Corporate IRM) and 3rd line (Corporate Audit Services)
  • Contributing at defining and enhancing CISO processes and strategic initiatives
  • Acting and advising on Audit (in iRisk tool) & MIA (management identified actions) points - you will provide advice / challenge the auditors for recommendations

Requirements – What we are looking for

  • Bachelors and/or master’s degree
  • Certifications like RE, CRISC, CISSP, CISA and/or CISM are highly recommended
  • 5 years’ professional experience in the field of Information / IT Security
  • Experience with:
    • IT auditing
    • Building IT Security policies and standards
    • Modelling and describing processes and procedures
    • Designing governance models
    • Developing training materials
    • Organizing workshops and providing class-room training
    • Creating clear guidance materials
    • Executing IT risk assessments
  • Excellent command of the English language and outstanding oral and written communication skills
  • Skilled in working with MS Office, especially PowerPoint (reporting) and Excel (data analysis)
  • Strong reporting skills (including C-level reporting)
  • Ability to ‘take it on and make it happen’ (ownership & responsibility)
  • Takes initiative and eager to deliver (no matter what)
  • Ability to work under complex and stressful conditions
  • Ability to simplify complexity and drive operational excellence
  • Experience in a financial environment is a plus
  • Strong analytical skills, and ability to solve high complexity problems
  • Ability to provide timely and comprehensive recommendations to mitigate risks
  • Team player and collaborative
  • The will and mind set to continuously want to improve
  • Has thorough understanding of consultancy methodologies