Type:
Vast dienstverband
Locatie:
Amsterdam
Opleiding:
Master (EQF 7)
Gepubliceerd:
07/10/2021
Status:
Open
Reageer voor:
22/12/2021
Uur p/wk:
40

Beschrijving:

There has never been a more interesting time to work at ING. We’re on a journey that’s centred around our customers, powered by technology and driven by smart, determined people. Our customers feel our people are empowering them to stay a step ahead in life and in business.

 

We believe ING plays a pivotal role in protecting our society: in a changing and uncertain digital world we provide peace of mind by ensuring ING is the safest bank. Confidence in the brand of ING, to secure data and services, is the foundation of our existence.

 

The Global CISO organisation of ING is responsible to assist ING management, business and other tribes in providing customer friendly services in a safe and secure way. Business leaders and CISO are jointly responsible for bank-wide security. CISO is mandated to drive required change in all domains, business and IT.

Presently we are looking for a CISO for ING Domestic Bank Netherlands.

 

Key Responsibilities

  • Strategy
    • Assists ING Bank’s Global CISO and Retail business line CISO in formulating vision and strategy, setting objectives for security and translate these objectives into targets, whilst balancing the interests of all stakeholders and focusing on the customer's interests
    • Partners with NL CIO and business leaders to develop a cohesive security strategy, and a roadmap (schedule, cost, effort, benefit model) for Retail and Global strategy implementation within Domestic Bank Netherlands
    • Responsible for ensuring Global and Retail security vision and strategy is rolled out consistently across Domestic Bank Netherlands functions
    • Establish and operate the CISO office for DBNL, driving the recruitment of new team members and building a high performing team. Act as first point of contact in communication with key stakeholders– mainly bank CISO, Retail CISO, DBNL and other Retail IT and security organizations
    • Actively participate in the Retail CISO global team to develop and deploy strategy, steer business line projects and collaborate across the ING retail and global security communities

 

  • Leadership
    • The CISO NL reports hierarchically to the CIO within Tech NL and functionally to the Retail Business Line CISO
    • Member of the DBNL Tech management team
    • Member of the Retail CISO business line global team
    • Lead and participate in relevant Retail CISO forum programs, projects and strategic initiatives for the Retail business line and / or ING Group
    • Ensures strong collaboration with NL CIO and COO and their organisations regarding directions and deliverables
    • Provides security directions for core new projects/solutions/services being designed, constructed, and delivered within the NL span of responsibility
    • Monitors and reports on execution in terms of vision and strategy
    • Proactively advises the NL CIO and challenges where necessary
    • Monitors adequate organisation of security activities and provides guidance around security
    • Actively raises awareness among staff and responsible for establishing available awareness tools and trainings on security. Rollout security curriculum across the NL functions
    • Mentors, develops, and grows next generation security leadership
    • Builds a strong CISO chapter in DB NL and supports the development and craftsmanship of its members

 

  • Financial
    • Understands the figures and costs for Security activities and staff; Manages cost development
    • Encourages NL/Tech and NL/COO to initiate improvements focusing on the efficiency and quality of security services

 

  • Knowledge
    • Stays on top of developments in security and financial services; shares and embeds lessons learned and initiate any required action to be always on top of existing and new security threats and developments
    • Able to develop and execute a strategy and vision for the future state of security within Domestic Bank Netherlands.
    • Proactively engages with the broader CISO community
    • Collaborate with compliance, risk, audit and IT to ensure required monitoring is in place to meet our regulatory requirements and to provide enhanced monitoring and provides insight in security performance & metrics
    • Partners with external and internal teams/financial institutes/regulators/government bodies to share threat intelligence
    • Develops and maintains an internal/external, international/domestic network in order to promote ING's interests and to increase his/her own professionalism and contribute to knowledge-sharing
    • Contributes to the development of ING Bank security control frameworks and reference architectures based on (internal and external) threats identified
    • Coordinates roll-out and monitors adherence to IT security standards
    • Has escalation power towards the CIO in relation to NL business activities that are judged to present unacceptable threats to ING; Acts as point of escalation for security issues
    • Oversees, manages and responds to major threats and security incidents
    • Collaborates with Data Protection Officer to protect data subject to data privacy regulations and collaborate on data breaches security incident management
    • Supports security related audits
    • Steers the operation of existing applications and services owned by security
    • Reviews and approves risk acceptances/waivers from security perspective as a member of the risk committee

 

Requirements 

  • 10+ years of professional experience at management level and relevant information security & fraud management experience. Ideally in large companies and/or corporate consulting experience
  • Master’s degree in a relevant field. Certification like CISSP, CISM, etc. are highly recommended
  • Strong working knowledge of pertinent law and regulations
  • Sound experience in building strategic roadmaps and proven experience in strategic projects with high impact
  • Expertise in driving and steering multidisciplinary teams
  • Demonstrated track record of building and maintaining highly collaborative, flexible, and productive cross-organisation teams
  • Articulate, persuasive and able to communicate constructive criticism and information security related concepts to a broad range of technical and non-technical audiences (including board level and regulators)
  • Outstanding oral and written communication skills, as well as outstanding negotiation and change management skills
  • Can demonstrate success in establishing executive relationships and influencing executive decision-making
  • Ability to take responsibility, steer strategy and realisations based on facts and data; managerial courage to question and make decisions
  • Ability to empower teams to act autonomously, think out of the box and to hold them accountable
  • Ability to simplify complexity and drive operational excellence
  • Ability to have impact through inspiring and energetic leadership that leads teams through change
  • Excellent level of English
  • Experience in a financial environment is a plus