Cyber Security Specialist

Your role & work environment

ING aims to be the most safe and secure bank. We strive to provide our customers with a safe haven for all their assets. Within the CISO office, we believe that ING plays a pivotal role in protecting our society. In a changing and uncertain digital world, we provide our internal and external customers peace of mind by ensuring ING is a front-runner when it comes to security.

The CISO office for ING Market Leaders is a multi-disciplinary team located in Belgium and the Netherlands. We are repsonsible for information security across the Market Leaders organisation (Belgium and the ING retail bank in the Netherlands). In order to be able to keep up with all the security challenges of the future, we are looking for a new colleague for our team in Brussels.

You will join a team of dynamic security professionals that is part of the Fraud and Cybersecurity tribe. Every day will be different working in this team as you will need to engage with both C-level management as operational security professionals. Within the CISO office, you will help bank CISO set the global security policies and ensure local implementation of security capabilities. You will make a concrete contribution to continuously improve the security of all of our assets by assessing and improving our current solutions. Finally, you will ensure that ING remains a front-runner in cybersecurity by keeping up with the latest trends and technologies in cyber security and ensure proper adoption within ING.

Your key responsibilities

• You take on the product owner role for the CISO team in Belgium. This means that you prioritize and steer the backlog for the CISO team based on continuous alignment with our different stakeholders. These main stakeholders include bank CISO, the IT security organisation and the different operational security teams.
• In your product owner role, you ensure all agile ceremonies including sprint planning, standups, sprint review and retro’s.
• As security subject matter expert, you also contribute to the security vision and drive the security roadmap for the organisation together with ML CISO and other stakeholders. You perform and deliver maturity and value assessments of the different security capabilities to identify improvement needs and opportunities.
• You organize and conduct business-facing threat assessment and prioritization sessions, with the goal of identifying top risks and related mitigating efforts (“Security Watch”). You manage the portfolio of security efforts tied to those assessments – examples include, the scoping and execution of red/blue team engagement, the implementation of additional security measures (e.g. identity and access solutions), the execution of specialized training programs, the definition of threat profiles and intelligence gathering in collaboration with the Global Intelligence Centre.
• You own the coordination and support the execution of scenario analysis deep dive sessions with business and IT stakeholders. These sessions aim at identifying specific threats impacting business critical processes and assets and to identify actions and remediations to be implemented. This may include refinement of security event monitoring use cases, strengthening of security baseline designs.