IT Risk Expert (Business Lending)

ING Bank NL, Business Lending is looking for an enthusiastic, passionate and inspiring Business Control Specialist (1st Line of Defence), with a solid engineering and security background and hands on mentality. As a Business Control Specialist, you enable the DevOps teams in creating and maintaining secure and compliant applications and infrastructure.

You will support various DevOps teams in making/ updating risk assessments, Operational Security Baselines and review the evidence delivered by the teams against the ING IT Security standards and criteria. Helping others to be successful is one of your core qualities. Your added value lies in your critical attitude and how you challenge the teams and take them with you on the journey to make and keep their applications compliant and safe.
 

You support management of Business Lending by reporting the compliance state of the Business applications, perform trend analyses and advice in estimating the risks and prioritize the work.
In this function you have a close relation with 2nd line Risk and CISO and also with the current 2 Risk Engineers within Business Lending.

Roles and responsibilities

You will be:

• Helping and motivating the DevOps teams to understand IT Risk and security and implement it accurately
• Advising/informing product teams (squads) according to the Information Risk Minimum Standard
• Being the contact person for 2nd Line of Defense (Operational Risk Management (ORM)/IT Risk Management (IRM) and Business Information Secruity Officers/ SPOCS Core Banking & Advisory)
• Act as a linking pin between Safe Business officers and IT risk
• Monitoring and coordination of the IT Sox testing
• Quality checks on ITRMP IT Risk evidence delivered by the teams and perform the FLM check
• Reviewing (incl. approve/decline) the Operational Security Baseline delivered by the teams
• Leading Risk sessions and meetings for the tribe and participate in Business Impact Analysis (BIA), Detailed Risk Assessment (DRA)
• Keeping the Risk Journeys (documentation and instructions for engineers) up to date
• Supporting teams in using tooling used within ING (such as Amyna, SDT, ITRMP, etc.)
• Assisting and advising teams and management in iRisk/CAS Issues registered from (audits, ), Risk Events, Risk Acceptances, Management Identified Actions
• Monitoring and following up on registered risk items
• Organizing in the bi-weekly Risk Evaluation Meeting (REM) for Business Lending
• Supporting the tribe in creating and maintaining Business Continuity Plan (BCP)

How to succeed

We hire smart people like you for your potential. Our biggest expectation is that you’ll stay curious. Keep learning. Take on responsibility. In return, we back you to develop into an even more awesome version of yourself.

• A proven track record and proficiency in IT Risk (5 + years), containing but not limited to Ops Engineering: you ran daily IT Operations on a IT system, therefore knowing what it takes to manage a system and handle:
•  Change Management
• Identity and Access Management
• Operational Resilience
• Platform Security
• Cyber Security CISSP, CISM or CISA or other IT risk related certifications holder is desirable)
• Analytical, precisely, tenacious and autonomous
• Strong social and communication skills and being a sparring partner for our business colleagues.
• Conceptional understanding of some technologies: Linux, Windows, containers and Azure DevOps
• Fluent in English speaking and writing

You are a person who:

• You are upbeat and focus on continuous improvement, in the security implementation, as well as in the application documentation and general guidelines received from the central security team
• You are analytical and strong at asking the right questions, factually getting to the bottom of an issue
• You strive for, and help colleagues find solutions and common ground whenever you observe different viewpoints
• Don’t take things for granted, and constructively challenge them and find common grounds, by actively listening and understanding the presented viewpoints.

Rewards & benefits 

We want to make sure that it’s possible for you to strike the right balance between your career and your private life. You can find out more about our employment conditions at https://www.ing.jobs/netherlands/Why-ING/benefits.htm 

The benefits of working with us at ING include:

●            A salary tailored to your qualities and experience

●            24-27 vacation days depending on contract

●            Pension scheme

●            13th month salary

●            Individual Savings Contribution (BIS), 3.5% of your gross annual salary

●            8% Holiday payment

●            Personal growth and challenging work with endless possibilities

●            An informal working environment with innovative colleagues

●            Work Agile, so new ideas come to life faster

About us

With 60,000 employees and operations in approximately 40 countries, there is no shortage of opportunities for people with initiative who want to help people take a step ahead in life and in business. Do you want to work at the cutting edge of what’s possible and at the same time ensure you work with integrity and hold the customer’s interests at heart? Do you want to be surrounded by progressive, inspiring, diverse and supportive colleagues? Then there is no better place to invest your talents than at ING. Join us. Apply today.