Head of CCERT (Security Delivery and Operations)
Employee | Management | Professional | Amsterdam | 2020-06-01 | REQ-10025819
ING CISO mission is to keep the bank secure and to safeguard customer trust by predicting, preventing, identifying and responding to threats and make sure a quick recovery from cyber-related incidents. We enable our ING colleagues by providing usable and secure services and ensure that security is part of our DNA.
ING, like its competitors, is operating in an increasingly complex environment. Digitisation is a top priority as customer preferences are changing towards mobile and digital. ING is moving from traditional ways of delivering to a platform bank. Disruptive technologies and new types of threats create additional cyber risks for organisations, and new cyber security regulations are either launching or in development.
Generic summary of role
Head of CCERT reports to global CISO and is a part of the CISO Management Team. The objective of the Global Security Delivery team is to provide standardised security capabilities as well as develop and maintain best-in-class security services.
- Translate global security strategy and objectives into the functional strategy and roadmap. Lead the implementation of the roadmap, driving the change in the organization. Provide transparent reporting on the progress.
- Ensuring the effectiveness and efficiency of the Security Operations services and processes
- Contribute to embedding security into the business and IT strategy of the bank
- Lead the global team of Product Owners and Process and Service Managers for the security services
- Establish new and enhance existing security capabilities based on identified risks, considering internal standards and applicable regulation, as well as automation and emerging security technologies.
- Act as the Chief Product owner who leads the development and management of global security services. Work with ING business units globally to effectively on-board them onto global services.
- Lead the development of the agile organisation that develops and manages these services. Stimulate global interaction between tribes, squads and chapters (within and outside own area).
- Managing 3rd parties providing security services; Ensure strategic partner ecosystem and leverage smartly to deliver value for ING and our partners. Mentor, develop, and grow next generation security workforce. Security engineering quality is paramount importance to help accelerate and you will be one of the ambassadors to attract top talent to ING.
Proven track record and technical skills:
- Master’s degree in Cybersecurity , computer science or comparable Master’s degree
- 10-15 years’ professional experience at management level and relevant information security & fraud management experience. Ideally in large companies and corporate consulting experience.
- Subject matter expert in the area of Information Security. Certifications like CISSP and CISM are highly recommended. CISA and other specific information security or fraud management certifications are considered useful
- Solid understanding of (security) data analytics, quantitative modelling of data and data research
- Proven experience in establishing and managing security services, e.g. security monitoring, incident and crisis management, threat intelligence etc.
- Strong knowledge of current security technologies and emerging trends in this area
- Good understanding of finance aspects and budgeting cycle
- Strong working knowledge of pertinent law and regulations
- Sound experience in building strategic roadmaps and proven experience in strategic projects with high impact
- Expertise in driving and steering multidisciplinary teams
- Demonstrated track record of building and maintaining highly collaborative, flexible, and productive cross-organisation teams
- Articulate, persuasive and able to communicate constructive criticism and information security related concepts to a broad range of technical and non-technical audiences (including board level and regulators)
- Outstanding oral and written communication skills, as well as outstanding negotiation and change management skills
- Can demonstrate success in establishing executive relationships and influencing executive decision-making
- Ability to take responsibility, steer strategy and realisations based on facts and data; managerial courage to question and make decisions
- Ability to empower teams to act autonomously, think out of the box and hold them accountable
- Ability to simplify complexity and drive operational excellence
- Ability to support yourself and other team members in development
- Ability to have impact through inspiring and energetic leadership that leads teams through change
- Excellent level of English
- Experience in a financial environment is a plus