10 ianuarie 2020 ... min. Asculta
Information Risk Officer
Contract de muncă | Risc | 2019-06-25 | 055876
This new position will be created within the ING Regional Information Risk Management Centre (IRIC) and will be located in Bucharest, Romania. The role is defined as an Information Risk Officer within the global Information Risk Management community, very specifically related to the regional information risk management activities (including Second Line Monitoring). The role reports hierarchically to the Head of the ING Regional Information Risk Management Centre (IRIC).
The primary role of the IRIC in Bucharest will be providing support to the ING Bank Information Risk Management community in performing Risk Monitoring activities for Romania based ING entities (e.g. ING Services and ING Bank Romania). Also, other information risk management related activities might be provided by the IRIC to ING entities in countries geographically surrounding Romania. This will help ING business units as well as Corporate Information Risk Management (CIRM) to manage the IT Risk profile of ING Bank in a sound manner.
Within the IRIC Romania, you will be part of a team of Information Risk Management (IRM) Officers and Business Continuity Management (BCM) Specialists dedicated to support the global Information Risk Management functions on various IRM and BCM related activities to ensure that IT risk and Continuity risk are adequately managed.
- Supporting the Head of IRIC Romania with research, fact finding, collecting evidence and documenting activities;
- Contributing to the development and maintenance of Corporate Information Risk Management Strategy, Framework, Policies, Minimum Standards, Procedures, Methods and Techniques;
- Providing interpretation of ING Group IT Risk Policies & Minimum Standards;
- Participating in, challenging and periodically reporting upon the risks of key strategic (IT/BCM) programs and projects;
- Participating in and challenging risk assessments (including Data Classification, Business Impact Assessments or detailed IT Risk assessments) on specific Operational Risk or Information Risk projects and programs;
- Measuring and reporting the implementation of Information (Technology) security framework throughout the organization;
- Supporting strategic and ad-hoc risk analyses, risk papers and risk reports with fact finding, researching and documenting activities;
- Supporting the identification of the impact of and the coordination of responses to law and regulatory changes, internal & external audit reports, etc. and monitoring the follow-up on the regulatory issue solving;
- Contributing to the development and maintenance of a curriculum and training programme, and to training of the IRM-BCM community.
- Performing planned/spot checks for verifying the effectiveness of the controls implemented;
- Reviewing & challenging the Key Control Tests results;
- Performing and assisting in other information risk activities where the requirements arise.
What you bring to the team:
- University BSc Degree or equivalent, preferably in IT field;
- 2– 6 years’ experience in IT/IT Security/IT Audit or Risk Management areas;
- Collaboration skills and ability to work across both functional and geographical lines;
- Good analytical skills and sound judgment;
- Fluent in English (written and spoken);
Would be considered a plus:
- Knowledge of Banking business, processes, procedures and systems and associated laws & regulations
- Experience in Business Continuity Management & having professional education and/or multiple international certifications for Information (Technology) Security (e.g. ISC2, ISACA accreditations)