SRQ124416 - Senior Security Engineer (353570)

Work location:
Starting date:
Ending date:
Hours per week:

Aanleveren (ENG CV, tenzij anders aangegeven), inclusief motivatie (geef aan waarom juist jij de geschikte kandidaat bent voor de functie, naast technische vaardigheden ook ingaan op de soft skills).
Graag horen we ook je vakantieplannen en beschikbaarheid.

•Bachelor's Degree in Computer Science or related field
•Certifications of at least one of: CISSP, CISA, CISM
•Computer Science fundamentals in data structures
•Computer Science fundamentals in algorithm design, problem solving, and complexity analysis
•Good command of spoken and written English

•Experience working in a Dev/Ops team with Agile and ITIL practises
•Knowledge of ING’s Policy House, Minimum Standards, Non Financial Risk Control, Operation Control Dashboard (OCD) and understanding of required controls
•Content management: Confluence / OrangeSharing / SharePoint
•Agile planning and management : SNOW
•foundation in Linux and Apache Tomcat administration and troubleshooting;
•Foundational experience with automation;
•Be able to understand and formulate meaningful risk and security related metrics, reports and advice to all levels of the organisation (engineering, business and Sr Management);
•Experience taking a leading role in managing continuous improvements in a complex international context;

TouchPoint Platform is part-of ING’s “Think Forward” strategy. This new model is developing harmonized business models and shared operating models. Foundational elements for the  globally scalable banking platform are Global Data Management, Global Process Management and a Modular Architecture. The TouchPoint Open Banking platform will  deliver the Modular Architecture.
The TPA Central Support team takes care of consistency and quality of the end to end Operations of the TPA services with multiple components managed by several squads in different countries. Activities :
•Establish and maintain TPA wide Risk & Security awareness in the context of ING’s Policy House, Minimum Standards and Security Controls in order to comply to global, regional and local laws and regulations.
•Coach, Train, Assist, Challenge TPA squads in their efforts to develop and maintain proven secure IT services through Business Impact Analysis, Risk Assessments, Operational Control Dashboards, OSGs, etc
•Establish (automated) reporting and dashboards on TPA Risk and Security Compliance status
•Establish and maintain close collaboration with TPA relevant Risk and Security departments (e.g. Global and local CISO, IRM, ORM)
•Stay up to date on all Risk and Security related subjects and provide relevant insight and guidance to TPA leadership
•Coordinate and work together with TPA squads on up to date, correct and timely risk identification and mitigation in iRisk (MIA’s and CAS audit findings)
•Set-up and facilitate Root Cause Analysis on risk and security related incidents, ensure follow-up actions and share lessons learned across TPA
•Drive efficiencies in risk management and processes in alignment with second line IRM and ORM
•Keep an overview of the overall TPA risk profile by reporting on Non Financial Risk Control scores, monitor and drive risk mitigation and facilitate internal and external audits being performed within the TPA domain.
•Prepare status reporting, requests for risk acceptance and advice TPA leadership towards regular Non Financial Risk Committee Tech and Bank
•Organize workshops and hackatons on specific risk and security subjects in the TPA domain
•Represent TPA Risk and Security in partner programs like Unite, PSD2 and ModelBank

< Go back to the overview of all orders