Security Lead Analyst
Contract de muncă | Tech | Nivel mediu | România | 2019-08-01 | 057276
Discover ING Tech
ING TECH is an international hub for technology & innovation, developing IT solutions across ING in areas such as Core Banking, Big Data, Financial Markets, Data Management, Touch Point Architecture and many more. By using the latest methodologies in software development, our fast-growing team gathers more than 650 tech enthusiasts who work for international projects that go beyond traditional banking.
Touchpoint Platform is an open technology platform. A place where producers can share services and consumers can combine these services into scalable business propositions across the bank and third parties. Touchpoint provides one flexible and modular architecture that simplifies and standardizes our applications, helping ING become scalable across the globe.
Within the IT world the applications we build are subject to various threats and risks. Information technology or IT risk is basically any threat to the business data, critical systems and business processes. It is the risk associated with the use, ownership, operation, involvement, influence and adoption of IT within an organization. IT risks have the potential to damage business value and often come from poor management of processes and events. In order to deal with these risks and ensure our product is safe we have a number of procedures and controls in place.
Touchpoint Platform’s components are developed by engineers organized in DevOps squads. For each of these components the corresponding risk controls have to be implemented and maintained.
As a Chapter Lead you have the following objectives:
• facilitate the development of your Risk Engineers in your chapter helping them grow their skills and knowledge.
• motivate and coach your team to reach their full potential.
• hands-on risk activity as member of one Squad.
Your day to day
• You help your team develop through coaching, mentoring and constant feedback
• Together with your IT Area Lead you set targets for each team member
• You work with the recruitment team to attract, onboard and retain top talent (guideline HR activities: 40%, Risk Engineering activities 60%)
• You are responsible for HR related activities: 1 to 1 meetings with your team members , performance management, etc.
• You have to define and document adequate risk processes and collect the evidence that we follow them. Next to this you have to make sure that the different risk parties (1st line, 2nd line and 3rd line) agree with the evidence.
• Responsible for developing and editing documents and reports in the English language as per operations and project management requirements and specifications including.
• Write the risk documentation
• Provide documentation support to the technical team
• Interface with developers and operation engineers to define the specifications
• Understand the need for security and apply it using the existing security framework
• Show proactivity and flexibility, come up with plans of action and adapt approaches if necessary.
• Understand the corporate climate and culture and act as an ambassador
What you bring to the team
• On average 2-3 years of experience in either IT Governance or IT risk/ IT Control implementation
• Technical background (preferably, a graduate of a technical form of higher education)
• Ability to understand the risk processes in an IT environment
• Hands-on and pro-active delivery attitude
• Being able to overcome resistance, work in short sprints, work closely with diverse teams
• Able to make clear and convincing statements on the risk based
• Preferably experience with Agile working
• Project management experience is a plus
• Fluent in English (spoken and written) is mandatory